On Thu, 26 Jul 2001 [EMAIL PROTECTED] wrote:
>
> I asked this on another thread of discussion but never got an answer. Is
> this automatic redirection to SSL new for Tomcat 4.0? I'm using 3.2.3 and
> when I set this user-data-constraint it appears that Tomcat verifies access
> via SSL but does not redirect if it is not. From your response below I
> assume this is 4.0 only.
> Thanks,
> Dave
>
Yes it's new in Tomcat 4.0. So is the explicit spec requirement that a
container act in this way, in Servlet 2.3 PFD3, section 12.8, p. 92). The
servlet 2.2 spec was silent on this point, although some containers behave
that way.
Craig
