my guess is yes, if you do not check in jsp/servlets are on https (request.isSecure()) and if you are allowing users to port 8080 (block it). my guess... :)
-----Original Message----- From: Dean Hiller [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 06, 2002 7:33 AM To: Tomcat Users List Subject: Re: apache + mod_SSL + tomcat I never saw an answer go by to the below question and was curious what it would be. Does no one now the answer???? Dean "Cressatti, Dominique" wrote: > Hi, > > I've got apache + mod_SSL + tomcat working > (I don't deserve that much credit as mod_ssl worked > right out the box) but I wonder couldn't the security bypassed, > like for example accessing the page on port 8080 instead of port > 443 ? > > Dom -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]> -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
