tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cook, Christopher H (IndSys, GE Interlogix)" <>
Subject Selecting which pages to use SSL with
Date Tue, 17 Dec 2002 20:43:03 GMT
The documentation supplied for tomcat that pertains to the configuration of ssl states -
"indeed a developer can pick and choose which pages require a secure connection and which
do not. For a reasonably busy site, it is customary to only run certain pages under SSL, namely
those pages where sensitive information could possibly be exchanged. ...  Any pages which
absolutely require a secure connection should check the protocol type associated with the
page request and take the appropriate action of https is not specified."

I have SSL set up in my application currently, so that any page I request can either use https
or http.  How do restrict access to some pages using http, while allowing others to use it?
 Basically how do I implement the scenario's described in the above passage?  Or where is
there documentation on this?



To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message