Hi All,
I want to stick with container-managed security and I would like to have
form-based login on servlet 2.4 (tomcat 5), with SSL encryption on the
login form but then switch back out of SSL for the remainder of the
session (mostly).
I tried this 18 months ago and if my memory serves me well, in tomcat 5,
if I switch the request back out of SSL with a redirect or similar, I
can no longer see the SSL session (and am effectively not logged in
anymore).
Is there an easy way around this? A javascript encryption routine for
the password or some trick with ssl-ext?
Adam
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
