Looks like Steve D. George already answered the SSL setup question, but as far as cookies go. No, you cannot share cookies between http and https. The reason is not a deficiency in Tomcat or Apache, the reason is security. Actually, you might be able to read cookies set in http while in https, but most certainly *not* vice-vera.
Take a look at the Netscape Cookie Spec for more info: http://www.netscape.com/newsref/std/cookie_spec.html Jake Tuesday, April 30, 2002, 5:10:45 AM, you wrote: tric> Hi All, tric> My application requires that certain pages on the site are accessed via SSL, tric> is tric> there a way in tomcat to reject the connection of http to a specific page tric> (ie securePage.jsp) but still allow http access to other pages (ie. tric> standardPage.jsp). tric> Also i'm using cookies - so i wanted to know whether these cookies will tric> be visible in both the http & https contexts. tric> Thanks in advance, tric> Ritesh tric> ---------------------------------------------------------------------------- tric> This message contains privileged and confidential information and is tric> intended only for the individual named.If you are not the intended recipient tric> you should not disseminate,distribute,store,print, copy or deliver this tric> message.Please notify the sender immediately by e-mail if you have received tric> this e-mail by mistake and delete this e-mail from your system.E-mail tric> transmission cannot be guaranteed to be secure or error-free as information tric> could be intercepted,corrupted,lost,destroyed,arrive late or incomplete or tric> contain viruses.The sender therefore does not accept liability for any tric> errors or omissions in the contents of this message which arise as a result tric> of e-mail transmission. If verification is required please request a tric> hard-copy version. tric> ---------------------------------------------------------------------------- tric> -- tric> To unsubscribe: <mailto:[EMAIL PROTECTED]> tric> For additional commands: <mailto:[EMAIL PROTECTED]> tric> Troubles with the list: <mailto:[EMAIL PROTECTED]> -- Best regards, Jacob mailto:[EMAIL PROTECTED] -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>