tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Need some SSL Config help.
Date Fri, 14 Aug 2009 14:30:39 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Josh,

On 8/13/2009 2:38 PM, Josh Gooding wrote:
> So I navigated to https://(domain).com and low and behold it works :).

Glad it's working for you.

> Next few questions:

Well, it's your thread, so I guess hijacking isn't that big of a deal...

> #1 - I have deployed an application that uses a realm and has a Login.jsp
> page.  The Login.jsp is required and you cannot navigate anywhere in the
> application until you have logged in.  How can I make the Login.jsp page
> fall under the SSL, then drop off after the authentication?

This has been covered in the past. Please search the archives for things
like "https authentication" and other things. You can even include my
name in that search, since I've given some IMHO relatively comprehensive
responses.

> #2 - Right now when I go to https://(domain).com/company1/ it drops the
> HTTPS.  I don't want that.  Any pointers?

Uh... you are probably building a URL somewhere in your webapp that
redirects to an explicitly non-secure URL. Search your webapp for
"sendRedirect", or whatever is appropriate if you are using a web
application framework that includes similar capabilities.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqFdQ8ACgkQ9CaO5/Lv0PCjnQCgmado+nZVj3+hBB8JjNRxMOb/
PyQAn2ETb6KifsLdCVU3cvY+nMUCUFTC
=q3UN
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message