tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: j_security_check with https
Date Tue, 06 Jan 2009 18:50:44 GMT
> From: Diego Armando Gusava [mailto:diegogusava@gmail.com]
> Subject: Re: j_security_check with https
>
> when i try to access mySecurePath for example, tomcat show me a login
> page with https but after that i dont need for example be with https,
> because i only need to send protected username and password.
>
> i want to only need login.jsp with https!!

You cannot switch a secure (HTTPS) session to an insecure transport (HTTP) - your login would
be worthless if you could.  Once you log in via SSL, you'll need to stay with HTTPS to utilize
the session.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message