On 2002-10-25 Christie I wrote:
> Hi
>
> Thank you very much John. It worked!. I have one last problem. Iam
running Openssl. Iam having
> *.jsp files in my webapps/myproject directory that some of the files
needs to be accessed by https
> and not thru http? How to do this?
>
> for eg :https://0.0.0.0/welcome.jsp should not be accessed thru
http://0.0.0.0 ? How to do
> restrict this?
Hi.
You can automatically redirect all access to jsp-files to https with adding
text below to the end of web.xml.
This can cause some problems though (at least i had) with jsps that use
setContentType to something else (like application/pdf).
<security-constraint>
<web-resource-collection>
<web-resource-name>SecurityRestriction</web-resource-name>
<description>Secure all jsp-pages</description>
<url-pattern>*.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
- Toni
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
