Another way to secure resources is to define them in web.xml. Usually
this setting has worked for me.
<security-constraint>
<web-resource-collection>
<web-resource-name>app or resource
name</web-resource-name>
<url-pattern>/*</url-pattern> <!-- define all url patterns
that need to be protected-->
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
If someone tries to access the above url pattern over http, the server
automatically redirects to a https connection.
>>> [EMAIL PROTECTED] 01/13/04 08:22AM >>>
There are many theories out there. From personal experience, the
simplest/cleanest way to do it is with Struts + the sslext plugin. But
even then, don't expect it to be trivial. Run some Google searches to
find components, tutorials, articles, etc. Those things should make
your life a little easier.
-----Original Message-----
From: ext Mufaddal Khumri [mailto:[EMAIL PROTECTED]
Sent: Monday, January 12, 2004 6:12 PM
To: Tomcat Users List
Subject: http to https how ?
Hi,
Have a page First.jsp
When a user comes to http://my.domain.com/First.jsp ... I would like to
redirect him or her to https://my.domain.com/First.jsp.
How do I do this on my jsp ? I tried <%
request.redirect("https://my.domain.com/First.jsp";) %> , but i get an
exception saying
cannot resolve symbol
symbol : method redirect (java.lang.String)
location: interface javax.servlet.http.HttpServletResponse
response.redirect(path);
Thanks.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
