Just redirect "as required". http://myserver/login redirects to https://myserver/login, form submits to the same page and when OK, it redirects to http://myserver/home or whatever. You'll probably need to pass a 'secret' to the home link to preserve the user's login, which might be a simple URI parameter.
Don't do the above on the big bad internet. From a security perspective it's virtually pointless to do it this way. I'm assuming you're doing this because you have an intranet www server and some company policy dictates that plaintext passwords are not allowed on the net any longer. It's probably much smarter to look at single-sign-on solutions instead, Kerberos integration with Tomcat is about a day's work and will both provide a better user experience and provide much better security too. M > -----Original Message----- > From: Nikita Manohar [mailto:nikita.mano...@gmail.com] > Sent: woensdag 06 januari 2010 10:17 > To: Tomcat Users List > Subject: Re: Toggling > > Hi Peter, > > The trigger here is suppose in a web application there is a > welcome page which is to be re-directed to a user's homepage > after login. The secure information (login page) should be > toggled to https and the rest as http. > > Is it possible to do so automatically? > > > Thank you, > -Nikita > This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law. If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message. Thank you for your co-operation. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
