I only know the inelegant, brute force way, which is to check the request object for the request type, and if it's "http" when it should be "https", do a redirect to the same URL but with "https" prepended.
There's probably a much more robust and correct way to do this using Tomcat security restrictions and realms, but I haven't worked with them that much, so I don't want to give you wrong information. Lots of people on the list have done this, though, so perhaps the best way to proceed would be to start a new thread with a new subject about restricting particular URLs to SSL. John > -----Original Message----- > From: Christie I [mailto:christie_iii@;yahoo.com] > Sent: Friday, October 25, 2002 1:04 AM > To: Tomcat Users List > Subject: RE: Apache-Tomcat > > > > Hi > > Thank you very much John. It worked!. I have one last > problem. Iam running Openssl. Iam having *.jsp files in my > webapps/myproject directory that some of the files needs to > be accessed by https and not thru http? How to do this? > > for eg :https://0.0.0.0/welcome.jsp should not be accessed > thru http://0.0.0.0 ? How to do restrict this? > > Thanks in advance > > > > > --------------------------------- > Get a bigger mailbox -- choose a size that fits your needs. > -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
