See javax.servlet.ServletRequest.isSecure()
This should do it:
if ( request.isSecure() ) {
// All is well
}
else {
// Redirect to https site
}
Turner, John wrote:
I only know the inelegant, brute force way, which is to check the request
object for the request type, and if it's "http" when it should be "https",
do a redirect to the same URL but with "https" prepended.
There's probably a much more robust and correct way to do this using Tomcat
security restrictions and realms, but I haven't worked with them that much,
so I don't want to give you wrong information. Lots of people on the list
have done this, though, so perhaps the best way to proceed would be to start
a new thread with a new subject about restricting particular URLs to SSL.
John
-----Original Message-----
From: Christie I [mailto:christie_iii@;yahoo.com]
Sent: Friday, October 25, 2002 1:04 AM
To: Tomcat Users List
Subject: RE: Apache-Tomcat
Hi
Thank you very much John. It worked!. I have one last
problem. Iam running Openssl. Iam having *.jsp files in my
webapps/myproject directory that some of the files needs to
be accessed by https and not thru http? How to do this?
for eg :https://0.0.0.0/welcome.jsp should not be accessed
thru http://0.0.0.0 ? How to do restrict this?
Thanks in advance
---------------------------------
Get a bigger mailbox -- choose a size that fits your needs.
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
