tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andy Eastham" <andy.east...@gliant.com>
Subject RE: Require a secure connection
Date Thu, 16 Jan 2003 22:29:45 GMT
try:

if (!request.isSecure())
{
	// abort code here
}

You can put this in a superclass of all your secure servlets if you like.

Andy

> -----Original Message-----
> From: neal [mailto:nealcabage@yahoo.com]
> Sent: 16 January 2003 22:09
> To: Tomcat Users List
> Subject: Require a secure connection
>
>
> Does anyone know how to *require* that a page be accessed only
> via a secure
> connection?
>
> For instance, I *can* request a secure connection to a page by going to
> "https://" and the url ... but how do I prevent a user from going to
> "http://" to request that same page?
>
> Would this be a proxy thing or is something I can set in Tomcat?  Is there
> something that wouldn't require the overhead of reflecting upon
> every single
> request at the Java level?
>
> Thanks.
> neal
>
>
> --
> To unsubscribe, e-mail:
> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
> <mailto:tomcat-user-help@jakarta.apache.org>
>
>



--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message