--
Trevor MacPhail
Graham King wrote:
See javax.servlet.ServletRequest.isSecure() This should do it:if ( request.isSecure() ) { // All is well } else { // Redirect to https site } Turner, John wrote:I only know the inelegant, brute force way, which is to check the request
object for the request type, and if it's "http" when it should be "https",
do a redirect to the same URL but with "https" prepended.
There's probably a much more robust and correct way to do this using Tomcat
security restrictions and realms, but I haven't worked with them that much,
so I don't want to give you wrong information. Lots of people on the list
have done this, though, so perhaps the best way to proceed would be to start
a new thread with a new subject about restricting particular URLs to SSL.
John
-----Original Message-----
From: Christie I [mailto:christie_iii@;yahoo.com]
Sent: Friday, October 25, 2002 1:04 AM
To: Tomcat Users List
Subject: RE: Apache-Tomcat
Hi
Thank you very much John. It worked!. I have one last problem. Iam running Openssl. Iam having *.jsp files in my webapps/myproject directory that some of the files needs to be accessed by https and not thru http? How to do this?
for eg :https://0.0.0.0/welcome.jsp should not be accessed thru http://0.0.0.0 ? How to do restrict this?
Thanks in advance
---------------------------------
Get a bigger mailbox -- choose a size that fits your needs.
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
-- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
