httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Krist van Besien <krist.vanbes...@gmail.com>
Subject Re: [users@httpd] HTTPS only for login page (when apache front tomcat)
Date Wed, 21 Apr 2010 12:37:31 GMT
On Wed, Apr 21, 2010 at 12:38 PM, chamila piyasena <tchamila@gmail.com> wrote:
>
> Hi,
> My application is running on tomcat. And I have fronted tomcat by Apache web
> server using mod_jk. And I have successfully added https in apache to all
> the pages in my application. But I want to https only for the login page. I
> have tried several configurations but unable to do so. can any one help me
> on this please?

First think about why you want this. Is there any particular reason
why users couldn't just stay on https? Think about the possible
security risks of allowing authenticated sessions over plain http.

Krist

-- 
krist.vanbesien@gmail.com
krist@vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message