This content has been marked as final.
Show 3 replies
-
1. Re: Redirect to HTTPS
andy.2003 Apr 24, 2006 2:20 PM (in response to neillane)try to put this in your wen.xml and set the <url-pattern>/*</url-pattern> to your secured site
<security-constraint> <web-resource-collection> <web-resource-name>SSL Pages</web-resource-name> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>PUT</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
you have to enable the SSL in your tomcat as well.
- Andreas -
2. Re: Redirect to HTTPS
perwik Apr 25, 2006 4:51 PM (in response to neillane)Not being the original poster I can't be sure of what he wanted, but what I think he wanted (and would like to do myself) is to access the exact same pages as before login (plus those that the user now has access to, of course) but through https. So there isn't really a specific url-pattern to use here. What I want to do is basically just insert an 's' into the URL.
-
3. Re: Redirect to HTTPS
andy.2003 Apr 25, 2006 8:42 PM (in response to neillane)Why you want the site unsecure before login and secure after login? I think the easiest way is to make a page commonly secure or not (if private information is entered the page should be secure in general)