On Thu, 7 Nov 2002, Chris Parker wrote: > > This came up a week or so ago. Check here for a very > > comprehensive reply from Milt Epstein. In short, isSecure is > > exactly the method you should use, and it does know if the > > original request is SSL or not. If it is always returning > > 'false', something else is going on. > > > > http://marc.theaimsgroup.com/?l=tomcat-user&m=103608496529118&w=2 > > > > John > > Thanks John, somehow I missed that reply - and thanks Milt for > providing it. > > On my server SnoopServlet replies that isSecure() = false - even > though it's true. I thought this was a limitation of > Apache->Tomcat, not a problem with my configuration. > > Now that I know I'm not looking for the impossible, I'll investigate > and post when I have a solution...
Just a couple of things to add: 1. I suspect, but don't know for sure, that isSecure() (and getScheme()) should work correctly even with forwards/redirects as well. Of course, if you found that isSecure() doesn't work with basic https, as apparently is the case above, the problem is not restricted to forwards/redirects. 2. Some other people reported this mis-behavior, and at least one person said/suggested that it's a bug with the Coyote AJP connector. Which connector are you using? If it's the Coyote AJP connector, that adds confirmation to this possibility. I don't know that it's yet been fixed, or that there's a workaround, other than using the Ajp13Connector. Milt Epstein Research Programmer Integration and Software Engineering (ISE) Campus Information Technologies and Educational Services (CITES) University of Illinois at Urbana-Champaign (UIUC) [EMAIL PROTECTED] -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>