On Fri, Aug 1, 2014 at 1:55 PM, John Smith <tomcat.ran...@gmail.com> wrote:
> In my webapp there's a directory '/admin' that's protected under SSL. Users > are forced to use SSL via a security constraint in web.xml. It works great. > > I would also agree with Chuck and James. Can you not move this admin app to another instance of Tomcat? Why dangle it out there on the same server that has all your other non-SSL required webapps? Just asking. leo
