tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Trevor MacPhail <trevor.macphail.li...@shaw.ca>
Subject Re: Apache-Tomcat
Date Sat, 26 Oct 2002 04:01:32 GMT
If you were to do this, wouldnt GET or POST form data be sent through 
the unsecure http connection instead of the https connection you are 
going to redirect to? By that time, the data would have been transmitted 
through and unsecure connection which eliminates the need to bother with 
a secure connection.

-- 
Trevor MacPhail

Graham King wrote:

> See javax.servlet.ServletRequest.isSecure()
>
>  This should do it:
>
>  if ( request.isSecure() ) {
>     // All is well
>  }
>  else {
>     // Redirect to https site
>  }
>
>
> Turner, John wrote:
>
>> I only know the inelegant, brute force way, which is to check the 
>> request
>> object for the request type, and if it's "http" when it should be 
>> "https",
>> do a redirect to the same URL but with "https" prepended.
>>
>> There's probably a much more robust and correct way to do this using 
>> Tomcat
>> security restrictions and realms, but I haven't worked with them that 
>> much,
>> so I don't want to give you wrong information.  Lots of people on the 
>> list
>> have done this, though, so perhaps the best way to proceed would be 
>> to start
>> a new thread with a new subject about restricting particular URLs to 
>> SSL.
>>
>> John
>>
>>
>>
>>> -----Original Message-----
>>> From: Christie I [mailto:christie_iii@yahoo.com]
>>> Sent: Friday, October 25, 2002 1:04 AM
>>> To: Tomcat Users List
>>> Subject: RE: Apache-Tomcat
>>>
>>>
>>>
>>> Hi
>>>
>>> Thank you very much John. It worked!. I have one last problem. Iam 
>>> running Openssl. Iam having *.jsp files in my webapps/myproject 
>>> directory that some of the files needs to be accessed by https and 
>>> not thru http? How to do this?
>>>
>>> for eg :https://0.0.0.0/welcome.jsp  should not be accessed thru 
>>> http://0.0.0.0 ? How to do restrict this?
>>>
>>> Thanks in advance
>>>
>>>
>>>
>>>
>>> ---------------------------------
>>> Get a bigger mailbox -- choose a size that fits your needs.
>>>
>>
>>
>> -- 
>> To unsubscribe, e-mail:   
>> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>> For additional commands, e-mail: 
>> <mailto:tomcat-user-help@jakarta.apache.org>
>>
>
>
> -- 
> To unsubscribe, e-mail:   
> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: 
> <mailto:tomcat-user-help@jakarta.apache.org>
>
>




--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message