tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Diego Armando Gusava" <diegogus...@gmail.com>
Subject Re: j_security_check with https
Date Tue, 06 Jan 2009 21:01:24 GMT
this didnt work

        <security-constraint>

		<web-resource-collection>
	
			<web-resource-name>Usuario</web-resource-name>	
			<url-pattern>/login/*</url-pattern>
			<http-method>POST</http-method>
			<http-method>GET</http-method>			

		</web-resource-collection>
			<user-data-constraint>
				<transport-guarantee>CONFIDENTIAL</transport-guarantee>
			</user-data-constraint>

	</security-constraint>

if i try <myAPP>/login/login.jsp  work, but when i try an action and
has restrict access, and havent user logged, tomcat redirect to login
page with http !!!

2009/1/6 Caldarale, Charles R <Chuck.Caldarale@unisys.com>:
>> From: Diego Armando Gusava [mailto:diegogusava@gmail.com]
>> Subject: Re: j_security_check with https
>>
>> when u login, your username and password will be transport https, but
>> after that, you are in http! u dont need https because, you are only
>> reading messages(emails)
>
> And what does that have to do with the behavior of a servlet container?
>
>  - Chuck
>
>
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and
is thus for use only by the intended recipient. If you received this in error, please contact
the sender and delete the e-mail and its attachments from all computers.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message