It may be an ugly hack, but it has worked for some of my actions. If you return null instead of the action name to be invocated, you can use a response object to send information directly to the user. The HttpServletRequest object has method isSecure() which you can use to determine whether the request is secure or not. If it's not use the HttpServletResponse object to redirect the user to the secure location.
The other approach is to make a plain simple filter to do this, since you probably won't need any of the Struts features for this kind of task. But this shouldn't be used for anything but simple front page redirects. If the user sends a non-SSL request then he has already sent all the information unprotected across the internet, and just redirecting him to an SSL-protected page doesn't really help in securing the application. On 7/10/07, Session A Mwamufiya <[EMAIL PROTECTED]> wrote:
Hi All, I've installed SSL on my JBoss container (it works) and have created an interceptor that checks that the requests to my web app are secure (using https). I would like to redirect all non-secure requests to use ssl and have https in the address. How can this be done? I'm not sure how to tweak the request object or the action invocation to make this happen. Thanks, Session --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
