Hi,
One part of a site I've done has automatic SSL redirection using the <transport-guarantee> element in web.xml to ensure SSL communication with the sensitive parts of site.
The other parts of the site I'd like not to be encrypted. If I go to
the secure part, however, then back to a non-secure part,
the https:// remains (as I'm using relative URLs). Is it possible to configure
these non secure sections to redirect to no encryption (so that a
request to https://.../nonsecureservlet/ is redirected to
http://.../nonsecureservlet/) without doing a protocol check all of my
servlets or making all of my links absolute? I've tried
<security-constraint>
<web-resource-collection>
<web-resource-name>Automatic SLL
Unforwarding</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>to no effect.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
