The documentation supplied for tomcat that pertains to the configuration of ssl states - "indeed a developer can pick and choose which pages require a secure connection and which do not. For a reasonably busy site, it is customary to only run certain pages under SSL, namely those pages where sensitive information could possibly be exchanged. ... Any pages which absolutely require a secure connection should check the protocol type associated with the page request and take the appropriate action of https is not specified."
I have SSL set up in my application currently, so that any page I request can either use https or http. How do restrict access to some pages using http, while allowing others to use it? Basically how do I implement the scenario's described in the above passage? Or where is there documentation on this? Thanks, Chris -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
