I think you may do that the same way that hotmail and google does, namely;
immediatly redirecting the user after loggin and placing some user
authorized/online flag on a database
run ethereal and trace the request/responce conversation while logging into
hotmail . . .
----- Original Message -----
From: "VAN DER MARLIERE FREDERIC" <frederic.van_der_marliere@cdn.fr>
To: <tomcat-user@jakarta.apache.org>
Sent: Monday, December 27, 2004 10:03 AM
Subject: SSL encryption
> Hi all.
>
> I would like to encrypt my login process so that login and password are
not
> visible on the network. That's why I defined a SSL connector on port 8443
in
> my server.xml. My problem is that after the user logged in, request keep
on
> using the https protocol on port 8443.
>
> Does someone know how to encrypt only the login process and afterwards use
> the http protocol again, on port 8080 ?
>
> Thanks.
> Fred.
>
>
> ----------------------------------------------------
> Ce message et toutes les pieces jointes (ci-apres le "message") sont
confidentiels et etablis a l'intention exclusive de ses destinataires.
> Toute utilisation ou diffusion non autorisee est interdite.Tout message
electronique est susceptible d'alteration.
> Le CREDIT DU NORD et ses filiales declinent toute responsabilite au titre
de ce message s'il a ete altere, deforme ou falsifie.
> This message and any attachments ( the "message") are confidential and
intended solely for the addressees.
> Any unauthorised use or dissemination is prohibited.E-mails are
susceptible to alteration.
> Neither CREDIT DU NORD nor any of its subsidiaries or affiliates shall be
liable for the message if altered, changed or falsified.
> ----------------------------------------------------
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
|