Hi, I'm working with a standalone Tomcat 4.0.2 on W2K. I've just gone through the SSL How To and created myself a little certificate and got everything working over SSL. I can access all my pages over HTTP or HTTPS.
My question now is how to enforce the use of HTTPS for a given page. The SSL How To says that any page that absolutely requires SSL should check the protocol of the request and take the appropriate action, by which I presume it means that you code a redirect to the same page but over https. Is this the standard way to enforce it though. I sort of imagined that you would be able to say that any page in a certain directory should be served over HTTPS and just let tomcat handle it for you? Thanks for any help, Have a great weekend everyone! Cheers, Steve. -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
