My solution to this was to use Apache in front of tomcat. The non-ssl virtual host in Apache has a single page that simply redirects the user to the ssl version. It is not possible to access the webapp from the non-ssl version.
I think that you can configure your web.xml to specify that certain pages must be over SSL. -------------------------------------------- Quinton McCombs NequalsOne - HealthCare marketing tools mailto:[EMAIL PROTECTED] http://www.NequalsOne.com > -----Original Message----- > From: Ilan Azbel [mailto:[EMAIL PROTECTED] > Sent: Friday, June 06, 2003 9:16 AM > To: Turbine-User > Subject: Mixed SSL and non-SSL site > > > I want to have ALL my pages on my website using SSL, except > for index.jsp that would redirect to the login page via SSL. > > I find that if I allow the http connector on pert 80 then the > whole site can be accessed by http. How can I configure my > website in such as way so as to allow http connection only > the index.jsp page and then force https to be used for the > rest of the site. > > Ilan > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
