Note that when you switch you may lose your servlet session. Cookies built in https are not visible to http. And using an http cookie in https is a security hole.
On Feb 1, 2008 12:45 AM, Dave <[EMAIL PROTECTED]> wrote: > For jsf page (myfaces), some data need to go through SSL such as bank > information. > For better performance, other pages(or forms) can use http. > > <h:form> ... </h:form> > > <h:form> ... </h:form> > > if a form may contain personal data, it should be summitted using https. > Also we need to let user know it is secure by showing a lock and > https://.... in browser address bar. > > How can I do this? > > sometimes The IE browser shows a warning: the page contains both secure > and nonsecure data. what is the meaning? how to avoid the warning? > > Thanks for ideas. > Dave > > ------------------------------ > Looking for last minute shopping deals? Find them fast with Yahoo! > Search.<http://us.rd.yahoo.com/evt=51734/*http://tools.search.yahoo.com/newsearch/category.php?category=shopping> >
