I have Apache 2.2 sitting in front of my JBoss Portal 2.6.x install. I have Apache configured for SSL and use a couple of virtual host entries to force all Portal connections over to SSL (which is a security requirement for my Portal install).
This all works great, with one minor exception: When using Internet Explorer, every page submit causes the popup message "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?". (Note that Firefox works great and doesn't complain)
This problem appears to be caused by any Portal content which internally references a URL via http:// (as opposed to https://). As a case in point, the Weather Portlet directly references URL http://us.rd.yahoo.com/dailynews/...
Does anyone know of a good solution to this problem? Or should I instead remove the SSL config from Apache and reconfigure JBoss Portal to handle the SSL footwork?
All opinions welcome and appreciated.