tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Adams" <b...@satx.rr.com>
Subject RE: Standard SSL question
Date Wed, 09 Jan 2002 23:56:30 GMT
actually you can just use
request.isSecure();
it is built in to ServletRequest
:)


-----Original Message-----
From: Corey A. Johnson [mailto:cjohnson@cniweb.net]
Sent: Wednesday, January 09, 2002 5:55 PM
To: Tomcat Users List
Subject: Re: Standard SSL question


I have done something similar..  by checking the start of the String
returned by request.getHeader("host")  And do a response.semdRedirect to
the secure version of the page.

if(!request.getHeader("host").startsWith("https:"))
    response.sendRedirect("https://www.domain.com/securePage.jsp");

Or you can redirect to an error page.. and have it META REFRESH and link
to the secure version.

Hope that helps.

Cj

Steve Mactaggart wrote:

>Hello all,
>
>I need to make it that certain pages on the site are accessed via SSL, is
>there a way in tomcat to reject the connection of http to a specific page
>(ie securePage.jsp) but still allow http access to other pages (ie.
>standardPage.jsp).
>
>Pages like login, CC submission etc..  need to be secure and I want to make
>sure that they are always accessed via SSL.
>
>Hope there's an answer..
>
>--------------------------------
>Steve Mactaggart
>Senior Java Developer /
>Team Leader
>
>303 Sport
>BH: 9620 7477
>FAX 9620 7377
>--------------------------------
>
>
>
>
>--
>To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
>Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
>
>

--
corey a. johnson <><> cni <><> 1.321.259.1984 <><> 1.800.264.5547




--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>



--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message