The best idea is to use Apache in front of Tomcat.
The advantages : - ability to use just one SSL certificate to handle multiple sites ( apps ) using mod_proxy module http://httpd.apache.org/docs/2.0/mod/mod_proxy.html - ability to rewrite URLs in any way to archieve desired behaviour http://httpd.apache.org/docs/2.0/misc/rewriteguide.html for example, it is easy to rewrite your login page to use http:// always : Example : 1) this forces to rewrite any URL with /login.jsp page to http:// RewriteEngine on RewriteCond %{SERVER_PORT} !^80$ RewriteRule ^/login.jsp http://your.site.com/login.jsp [L,R] 2) this forces to rewrite any URL with /secure/* page to https:// RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^/secure/(.*)$ https://your.site.com/secure/$1 [L,R] View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3902917#3902917 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3902917 ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user