Hello,
you can check it with the methode "request.isSecure",.
that will give you true or false, make shure you use the ajp13 protocol with
mod_jk.
I don't know how to get the detailed information about the protocol and the key.
Greetings,
Wolle
Sam Newman wrote:
> I have Apache and Tomcat running together under SSL. I now want to create a
> page which only run under SSL. I want http and https to share the same
> documents however. My first idea is to simply have a tag handler, which
> detects the protocol, and if not SSL is simply redirects to a page explaning
> why they cannot view the requested document.
> By problem is that I'm not sure on the correct way to retrieve what type of
> protocol is being used. There is a getAuthType method in HttpServletRequest,
> but the return type is simply a string (e.g. "BASIC" or "SSL"). My concern
> is that this return could vary from browser to browser. Can I assume that if
> using SSL the return will always be the string "SSL"? Also, how can I detect
> which level of encryption is being used? Ideally, I'd like to restrict users
> to connecting using 128bit only, or at least issue a warning when its at
> 40bit.
>
> Thanks in advance,
>
> Sam
--
