I'm fairly certain that this question is not related to MyFaces ...but it could be though, so here goes!
I have an app with several pages, one of them being an SSL encrypted form. To do this I use a Tomcat <security-constraint> with a redirect to the form. All of that works well.
What's odd is that I can't get the SSL to go away nicely; if I navigate away from the SSL form (click a link to a non-encrypted page), all subsequent pages remain encrypted. I can use the Sandbox form to remove encryption but it lags a page behind. Additionally I have to hardcode a port. Ugh.
I have a <security-constraint> in place for pages that have no encryption but it seems to be ignored.
I'm using Facelets if that helps/makes any difference.
Anyone have a suggestion?
