Hi all, Been trying to figure out the best way to hook up a means to secure the action of a form without securing the page itself (weird requirement I know, but alas).
Overriding RequestSecurityManager doesn't seem to be the right approach because getBaseUrl() lacks any context other than the active page name. Referencing a Form in an injected page containing the Secure annotation won't help because the link is generated for the active page and not the containing page. UrlRewriterRules don't seem to work because I don't have access to anything before the server name (can't set https://). Any suggestions or other approaches? Am I missing something? Thanks, Rick
