RE: Implementing HTTPS in Struts

2002-02-04 Thread Ditlinger, Steve 


Hmmm. I just tried it again to be sure and it worked.  
Maybe it is just slow.

Try this one, maybe you can reach it better.

http://us.f1.yahoofs.com/users/aee2731f/bc/public/Struts+Security+Extension.
jar?bcB4.X8AlFd_32Ts


HTH,

Steve

-Original Message-
From: Rob Breeds [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 04, 2002 4:07 AM
To: Struts Users Mailing List
Subject: Re: Implementing HTTPS in Struts



Steve

This link fails to load a complete page for me, and doesn't include a link!
Perhaps it's just me?

Rob




 

"Ditlinger,

Steve"   To: "'[EMAIL PROTECTED]'"
<[EMAIL PROTECTED]>,  
  
uilt.com>cc: "'[EMAIL PROTECTED]'"
<[EMAIL PROTECTED]>         
         Subject: Re: Implementing HTTPS
in Struts 
02/02/2002

00:30

Please respond

to "Struts

Users Mailing

List"

 

 






Robert:

We recently posted just such a solution.  Check it out at
http://struts.ditlinger.com.  There you will find a description of our
solution and a link to download our Struts extensions and example app.  If
you have any questions, please do not hesitate to ask.

Steve


>You wrote:
---
Hello all, my name is Rob Scaduto and I have just recently joined the
Struts
user mailing list. I have yet to find any resources talking about how to
handle switching between http and https (and vice versa) using struts. The
only solution I was able to come up with was sub classing the Struts
LinkTag
and adding a secure attribute. This would then dynamically build an
absolute
path based on the jsp. This works great when you use the forward or page
attribute, but doesn't work at all if you use the href attribute. I'd like
to have a solution that works in all cases and I was curious if someone
could add some insight. Thanks in advance, Rob


--
To unsubscribe, e-mail:   <
mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <
mailto:[EMAIL PROTECTED]>





--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

RE: Implementing HTTPS in Struts

2002-02-04 Thread Rob Breeds 

Steve

That second link gets me the jar. The original link still stops loading at
same point on my machine but now I've got access to a different machine and
that's fine. So it was me! Sorry!

Thanks

Rob



   

"Ditlinger,

Steve"   To: Rob Breeds/UK/IBM@IBMGB, Struts Users 
Mailing List
 

uilt.com>cc:   

         Subject: RE: Implementing HTTPS in Struts 

04/02/2002 

17:21  

Please respond 

to "Struts 

Users Mailing  

List"  

   

   






Hmmm. I just tried it again to be sure and it worked.
Maybe it is just slow.

Try this one, maybe you can reach it better.

http://us.f1.yahoofs.com/users/aee2731f/bc/public/Struts+Security+Extension
.jar?bcB4.X8AlFd_32Ts


HTH,

Steve

-Original Message-
From: Rob Breeds [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 04, 2002 4:07 AM
To: Struts Users Mailing List
Subject: Re: Implementing HTTPS in Struts



Steve

This link fails to load a complete page for me, and doesn't include a link!
Perhaps it's just me?

Rob






"Ditlinger,

Steve"   To: "'[EMAIL PROTECTED]'"
<[EMAIL PROTECTED]>,

uilt.com>cc: "'[EMAIL PROTECTED]'"
<[EMAIL PROTECTED]>
 Subject: Re: Implementing
HTTPS
in Struts
02/02/2002

00:30

Please respond

to "Struts

Users Mailing

List"










Robert:

We recently posted just such a solution.  Check it out at
http://struts.ditlinger.com.  There you will find a description of our
solution and a link to download our Struts extensions and example app.  If
you have any questions, please do not hesitate to ask.

Steve


>You wrote:
---
Hello all, my name is Rob Scaduto and I have just recently joined the
Struts
user mailing list. I have yet to find any resources talking about how to
handle switching between http and https (and vice versa) using struts. The
only solution I was able to come up with was sub classing the Struts
LinkTag
and adding a secure attribute. This would then dynamically build an
absolute
path based on the jsp. This works great when you use the forward or page
attribute, but doesn't work at all if you use the href attribute. I'd like
to have a solution that works in all cases and I was curious if someone
could add some insight. Thanks in advance, Rob


--
To unsubscribe, e-mail:   <
mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <
mailto:[EMAIL PROTECTED]>





--
To unsubscribe, e-mail:   <
mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <
mailto:[EMAIL PROTECTED]>





--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Implementing HTTPS in Struts

2002-02-04 Thread Nick Torenvliet 


- Original Message -
From: "Rob Breeds" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
Sent: Monday, February 04, 2002 1:12 PM
Subject: RE: Implementing HTTPS in Struts


> Steve
>
> That second link gets me the jar. The original link still stops loading at
> same point on my machine but now I've got access to a different machine
and
> that's fine. So it was me! Sorry!
>
> Thanks
>
> Rob
>
>
>
>
> "Ditlinger,
> Steve"   To: Rob Breeds/UK/IBM@IBMGB,
Struts Users Mailing List
> 
>     uilt.com>cc:
>  Subject: RE: Implementing
HTTPS in Struts
> 04/02/2002
> 17:21
> Please respond
> to "Struts
> Users Mailing
> List"

>
>
>
>
>
>
>
> Hmmm. I just tried it again to be sure and it worked.
> Maybe it is just slow.
>
> Try this one, maybe you can reach it better.
>
>
http://us.f1.yahoofs.com/users/aee2731f/bc/public/Struts+Security+Extension
> .jar?bcB4.X8AlFd_32Ts
>
>
> HTH,
>
> Steve
>
> -Original Message-
> From: Rob Breeds [mailto:[EMAIL PROTECTED]]
> Sent: Monday, February 04, 2002 4:07 AM
> To: Struts Users Mailing List
> Subject: Re: Implementing HTTPS in Struts
>
>
>
> Steve
>
> This link fails to load a complete page for me, and doesn't include a
link!
> Perhaps it's just me?
>
> Rob
>
>
>
>
>
>
> "Ditlinger,
>
> Steve"   To:
"'[EMAIL PROTECTED]'"
> <[EMAIL PROTECTED]>,
>  "'[EMAIL PROTECTED]'"
> <[EMAIL PROTECTED]>
> uilt.com>cc: "'[EMAIL PROTECTED]'"
> <[EMAIL PROTECTED]>
>  Subject: Re: Implementing
> HTTPS
> in Struts
> 02/02/2002
>
> 00:30
>
> Please respond
>
> to "Struts
>
> Users Mailing
>
> List"
>
>
>
>
>
>
>
>
>
>
> Robert:
>
> We recently posted just such a solution.  Check it out at
> http://struts.ditlinger.com.  There you will find a description of our
> solution and a link to download our Struts extensions and example app.  If
> you have any questions, please do not hesitate to ask.
>
> Steve
>
>
> >You wrote:
> ---
> Hello all, my name is Rob Scaduto and I have just recently joined the
> Struts
> user mailing list. I have yet to find any resources talking about how to
> handle switching between http and https (and vice versa) using struts. The
> only solution I was able to come up with was sub classing the Struts
> LinkTag
> and adding a secure attribute. This would then dynamically build an
> absolute
> path based on the jsp. This works great when you use the forward or page
> attribute, but doesn't work at all if you use the href attribute. I'd like
> to have a solution that works in all cases and I was curious if someone
> could add some insight. Thanks in advance, Rob
>
>
> --
> To unsubscribe, e-mail:   <
> mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <
> mailto:[EMAIL PROTECTED]>
>
>
>
>
>
> --
> To unsubscribe, e-mail:   <
> mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <
> mailto:[EMAIL PROTECTED]>
>
>
>
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

RE: Implementing HTTPS in Struts

2002-02-05 Thread Robert Scaduto 

Steve,

Thank you for your response.  I have taken a look at your https framework
and I it looks great. I do have one concern though.

In looking through the code I noticed that if a non-secure request comes in
to a action marked as secure, the framework will persist the request
attributes in the session and tell the browser to re-direct using https.
However this allows the parameters in the form or querystring to go across
the network un-encrypted before the framework can perform the redirect.

My thought was that the same SecureRequestUtils.computeURL() function should
also be used by the form tag to determine, before the form is rendered, that
the post should be transmitted via https.  This would require subclassing
the struts FormTag as well.

Am I totally off base here?

-Rob

-Original Message-
From: Ditlinger, Steve [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 01, 2002 7:30 PM
To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
Cc: '[EMAIL PROTECTED]'
Subject: Re: Implementing HTTPS in Struts



Robert:

We recently posted just such a solution.  Check it out at
http://struts.ditlinger.com.  There you will find a description of our
solution and a link to download our Struts extensions and example app.  If
you have any questions, please do not hesitate to ask.

Steve


>You wrote:
---
Hello all, my name is Rob Scaduto and I have just recently joined the Struts
user mailing list. I have yet to find any resources talking about how to
handle switching between http and https (and vice versa) using struts. The
only solution I was able to come up with was sub classing the Struts LinkTag
and adding a secure attribute. This would then dynamically build an absolute
path based on the jsp. This works great when you use the forward or page
attribute, but doesn't work at all if you use the href attribute. I'd like
to have a solution that works in all cases and I was curious if someone
could add some insight. Thanks in advance, Rob


--
To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Re: Implementing HTTPS in Struts

2002-02-05 Thread Max Cooper 

Rob,

You are absolutely correct that that is an issue. Our proposed solution for
it is to modify (or extend until this functionality is integrated into
Struts) the Struts form tag as you suggest, so that it will compute the
right URL, which may be an absolute https URL if the target action is
secure.

The primary mechanism for doing the HTTP/HTTPS switching is the extended
tags that compute the proper URL. The redirecting stuff is secondary and
only there in the case that someone makes an errant request (by typing the
URL, bad bookmark, etc.).

-Max

- Original Message -
From: "Robert Scaduto" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
Sent: Tuesday, February 05, 2002 2:22 PM
Subject: RE: Implementing HTTPS in Struts


> Steve,
>
> Thank you for your response.  I have taken a look at your https framework
> and I it looks great. I do have one concern though.
>
> In looking through the code I noticed that if a non-secure request comes
in
> to a action marked as secure, the framework will persist the request
> attributes in the session and tell the browser to re-direct using https.
> However this allows the parameters in the form or querystring to go across
> the network un-encrypted before the framework can perform the redirect.
>
> My thought was that the same SecureRequestUtils.computeURL() function
should
> also be used by the form tag to determine, before the form is rendered,
that
> the post should be transmitted via https.  This would require subclassing
> the struts FormTag as well.
>
> Am I totally off base here?
>
> -Rob
>
> -Original Message-
> From: Ditlinger, Steve [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 01, 2002 7:30 PM
> To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
> Cc: '[EMAIL PROTECTED]'
> Subject: Re: Implementing HTTPS in Struts
>
>
>
> Robert:
>
> We recently posted just such a solution.  Check it out at
> http://struts.ditlinger.com.  There you will find a description of our
> solution and a link to download our Struts extensions and example app.  If
> you have any questions, please do not hesitate to ask.
>
> Steve
>
>
> >You wrote:
> ---
> Hello all, my name is Rob Scaduto and I have just recently joined the
Struts
> user mailing list. I have yet to find any resources talking about how to
> handle switching between http and https (and vice versa) using struts. The
> only solution I was able to come up with was sub classing the Struts
LinkTag
> and adding a secure attribute. This would then dynamically build an
absolute
> path based on the jsp. This works great when you use the forward or page
> attribute, but doesn't work at all if you use the href attribute. I'd like
> to have a solution that works in all cases and I was curious if someone
> could add some insight. Thanks in advance, Rob
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>
>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

RE: Implementing HTTPS in Struts

2002-02-06 Thread Robert Scaduto 

Thanks, Max,

In the mean time as a work around I will just mark the action called before
any secure data is posted is also secure, ensuring that the data is sent
encrypted.

Thanks Again,

Rob

-Original Message-
From: Max Cooper [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 05, 2002 7:04 PM
To: Struts Users Mailing List
Subject: Re: Implementing HTTPS in Struts


Rob,

You are absolutely correct that that is an issue. Our proposed solution for
it is to modify (or extend until this functionality is integrated into
Struts) the Struts form tag as you suggest, so that it will compute the
right URL, which may be an absolute https URL if the target action is
secure.

The primary mechanism for doing the HTTP/HTTPS switching is the extended
tags that compute the proper URL. The redirecting stuff is secondary and
only there in the case that someone makes an errant request (by typing the
URL, bad bookmark, etc.).

-Max

- Original Message -
From: "Robert Scaduto" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
Sent: Tuesday, February 05, 2002 2:22 PM
Subject: RE: Implementing HTTPS in Struts


> Steve,
>
> Thank you for your response.  I have taken a look at your https framework
> and I it looks great. I do have one concern though.
>
> In looking through the code I noticed that if a non-secure request comes
in
> to a action marked as secure, the framework will persist the request
> attributes in the session and tell the browser to re-direct using https.
> However this allows the parameters in the form or querystring to go across
> the network un-encrypted before the framework can perform the redirect.
>
> My thought was that the same SecureRequestUtils.computeURL() function
should
> also be used by the form tag to determine, before the form is rendered,
that
> the post should be transmitted via https.  This would require subclassing
> the struts FormTag as well.
>
> Am I totally off base here?
>
> -Rob
>
> -Original Message-
> From: Ditlinger, Steve [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 01, 2002 7:30 PM
> To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
> Cc: '[EMAIL PROTECTED]'
> Subject: Re: Implementing HTTPS in Struts
>
>
>
> Robert:
>
> We recently posted just such a solution.  Check it out at
> http://struts.ditlinger.com.  There you will find a description of our
> solution and a link to download our Struts extensions and example app.  If
> you have any questions, please do not hesitate to ask.
>
> Steve
>
>
> >You wrote:
> ---
> Hello all, my name is Rob Scaduto and I have just recently joined the
Struts
> user mailing list. I have yet to find any resources talking about how to
> handle switching between http and https (and vice versa) using struts. The
> only solution I was able to come up with was sub classing the Struts
LinkTag
> and adding a secure attribute. This would then dynamically build an
absolute
> path based on the jsp. This works great when you use the forward or page
> attribute, but doesn't work at all if you use the href attribute. I'd like
> to have a solution that works in all cases and I was curious if someone
> could add some insight. Thanks in advance, Rob
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>
>


--
To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

RE: Implementing HTTPS in Struts

2002-02-06 Thread Ditlinger, Steve 


Rob:

Yes that is they way we have used it.  People seem to like to see that
little lock display on the browser frame when they are entering "secret"
data, even though that does not specify how the data will actually be
posted.  We will be working on the FormTag to make the same changes we did
for the LinkTag soon.  When we do, we will repost our jar file.

Thanks for the feedback,
Steve

-Original Message-
From: Robert Scaduto [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 06, 2002 6:50 AM
To: Struts Users Mailing List
Subject: RE: Implementing HTTPS in Struts


Thanks, Max,

In the mean time as a work around I will just mark the action called before
any secure data is posted is also secure, ensuring that the data is sent
encrypted.

Thanks Again,

Rob

-Original Message-
From: Max Cooper [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 05, 2002 7:04 PM
To: Struts Users Mailing List
Subject: Re: Implementing HTTPS in Struts


Rob,

You are absolutely correct that that is an issue. Our proposed solution for
it is to modify (or extend until this functionality is integrated into
Struts) the Struts form tag as you suggest, so that it will compute the
right URL, which may be an absolute https URL if the target action is
secure.

The primary mechanism for doing the HTTP/HTTPS switching is the extended
tags that compute the proper URL. The redirecting stuff is secondary and
only there in the case that someone makes an errant request (by typing the
URL, bad bookmark, etc.).

-Max

- Original Message -
From: "Robert Scaduto" <[EMAIL PROTECTED]>
To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
Sent: Tuesday, February 05, 2002 2:22 PM
Subject: RE: Implementing HTTPS in Struts


> Steve,
>
> Thank you for your response.  I have taken a look at your https framework
> and I it looks great. I do have one concern though.
>
> In looking through the code I noticed that if a non-secure request comes
in
> to a action marked as secure, the framework will persist the request
> attributes in the session and tell the browser to re-direct using https.
> However this allows the parameters in the form or querystring to go across
> the network un-encrypted before the framework can perform the redirect.
>
> My thought was that the same SecureRequestUtils.computeURL() function
should
> also be used by the form tag to determine, before the form is rendered,
that
> the post should be transmitted via https.  This would require subclassing
> the struts FormTag as well.
>
> Am I totally off base here?
>
> -Rob
>
> -Original Message-
> From: Ditlinger, Steve [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 01, 2002 7:30 PM
> To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
> Cc: '[EMAIL PROTECTED]'
> Subject: Re: Implementing HTTPS in Struts
>
>
>
> Robert:
>
> We recently posted just such a solution.  Check it out at
> http://struts.ditlinger.com.  There you will find a description of our
> solution and a link to download our Struts extensions and example app.  If
> you have any questions, please do not hesitate to ask.
>
> Steve
>
>
> >You wrote:
> ---
> Hello all, my name is Rob Scaduto and I have just recently joined the
Struts
> user mailing list. I have yet to find any resources talking about how to
> handle switching between http and https (and vice versa) using struts. The
> only solution I was able to come up with was sub classing the Struts
LinkTag
> and adding a secure attribute. This would then dynamically build an
absolute
> path based on the jsp. This works great when you use the forward or page
> attribute, but doesn't work at all if you use the href attribute. I'd like
> to have a solution that works in all cases and I was curious if someone
> could add some insight. Thanks in advance, Rob
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
>
>


--
To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

RE: Implementing HTTPS in Struts

2002-02-10 Thread Steve Ditlinger 

Robert, All:

We have added SecureFormTag as an extension to FormTag for our implementation
of HTTPS/HTTP web application switching.  SecureFormTag will determine if the
action specified as the "action" attribute value should be called using SSL or
not.  The HTML "form" element it creates will then include an "action"
specifying the appropriate protocol (http or https) if that protocol does not
match the current protocol.  This is similar to the SecureLinkTag extension we
had done earlier.  Please try it out and let us know what you think.  You can
download it at http://struts.ditlinger.com.

Thanks,
Steve

__
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com

--
To unsubscribe, e-mail:   
For additional commands, e-mail:

RE: Implementing HTTPS in Struts

2002-02-01 Thread Robert Taylor 

>From Steve Ditlinger's earlier post (1/24/2002):


Common custom or not, I was deluged with messages from mail servers around
the world that the attachment would be removed.  So, we have now made the
source code and sample app (sans the jsse jars) available at
http://struts.ditlinger.com and
http://us.f1.yahoofs.com/users/aee2731f/bc/public/Security+Extension+To+Stru
ts.jar?bcnjho8Ao43PhqrL.

Please try it out and let us know what you think.



HTH,

robert

> -Original Message-
> From: Robert Scaduto [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 01, 2002 5:23 PM
> To: 'Struts Users Mailing List'
> Subject: Implementing HTTPS in Struts
>
>
> Hello all, my name is Rob Scaduto and I have just recently joined
> the Struts
> user mailing list.
>
> I have yet to find any resources talking about how to handle switching
> between http and https (and vice versa) using struts.  The only solution I
> was able to come up with was sub classing the Struts LinkTag and adding a
> secure attribute.
>
> This would then dynamically build an absolute path based on the jsp.  This
> works great when you use the forward or page attribute, but
> doesn't work at
> all if you use the href attribute.
>
> I'd like to have a solution that works in all cases and I was curious if
> someone could add some insight.
>
> Thanks in advance,
>
> Rob
>
>
> --
> To unsubscribe, e-mail:
> 
> For additional commands, e-mail:
> 
>


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Implementing HTTPS in Struts

2002-02-01 Thread Max Cooper 

Rob,

A group of developers (including me) recently proposed a Struts
change/extension to handle that very situation. The basic principle in the
proposal is that you can mark an action mapping as "secure", and the
html:link tag will adjust the URL of links to that action accordingly. It
also goes the other direction, by generating absolute, non-secure links back
to non-secure actions. There is some other functionality in there, too, but
the main concept is that you can just specify what actions you want to be
secure, and the framework takes care of the rest.

You can get more information and download the code (including an example
app) here:
http://struts.ditlinger.com/

Please give us your feedback.

-Max

- Original Message -
From: "Robert Scaduto" <[EMAIL PROTECTED]>
To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]>
Sent: Friday, February 01, 2002 2:22 PM
Subject: Implementing HTTPS in Struts


> Hello all, my name is Rob Scaduto and I have just recently joined the
Struts
> user mailing list.
>
> I have yet to find any resources talking about how to handle switching
> between http and https (and vice versa) using struts.  The only solution I
> was able to come up with was sub classing the Struts LinkTag and adding a
> secure attribute.
>
> This would then dynamically build an absolute path based on the jsp.  This
> works great when you use the forward or page attribute, but doesn't work
at
> all if you use the href attribute.
>
> I'd like to have a solution that works in all cases and I was curious if
> someone could add some insight.
>
> Thanks in advance,
>
> Rob
>
>
> --
> To unsubscribe, e-mail:

> For additional commands, e-mail:

>
>


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Implementing HTTPS in Struts

2002-02-01 Thread cahana 

Steve Ditlinger and his group have come up with a good solution.  You can
download a sample program at http://struts.ditlinger.com.

- Original Message -
From: "Robert Scaduto" <[EMAIL PROTECTED]>
To: "'Struts Users Mailing List'" <[EMAIL PROTECTED]>
Sent: Friday, February 01, 2002 12:22 PM
Subject: Implementing HTTPS in Struts


> Hello all, my name is Rob Scaduto and I have just recently joined the
Struts
> user mailing list.
>
> I have yet to find any resources talking about how to handle switching
> between http and https (and vice versa) using struts.  The only solution I
> was able to come up with was sub classing the Struts LinkTag and adding a
> secure attribute.
>
> This would then dynamically build an absolute path based on the jsp.  This
> works great when you use the forward or page attribute, but doesn't work
at
> all if you use the href attribute.
>
> I'd like to have a solution that works in all cases and I was curious if
> someone could add some insight.
>
> Thanks in advance,
>
> Rob
>
>
> --
> To unsubscribe, e-mail:

> For additional commands, e-mail:

>


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Implementing HTTPS in Struts

2002-02-01 Thread Ditlinger, Steve 


Robert:

We recently posted just such a solution.  Check it out at
http://struts.ditlinger.com.  There you will find a description of our
solution and a link to download our Struts extensions and example app.  If
you have any questions, please do not hesitate to ask.

Steve


>You wrote:
---
Hello all, my name is Rob Scaduto and I have just recently joined the Struts
user mailing list. I have yet to find any resources talking about how to
handle switching between http and https (and vice versa) using struts. The
only solution I was able to come up with was sub classing the Struts LinkTag
and adding a secure attribute. This would then dynamically build an absolute
path based on the jsp. This works great when you use the forward or page
attribute, but doesn't work at all if you use the href attribute. I'd like
to have a solution that works in all cases and I was curious if someone
could add some insight. Thanks in advance, Rob 


--
To unsubscribe, e-mail:   
For additional commands, e-mail:

Re: Implementing HTTPS in Struts

2002-02-04 Thread Rob Breeds 


Steve

This link fails to load a complete page for me, and doesn't include a link!
Perhaps it's just me?

Rob




   

"Ditlinger,

Steve"   To: "'[EMAIL PROTECTED]'" 
<[EMAIL PROTECTED]>,  
  
uilt.com>cc: "'[EMAIL PROTECTED]'" 
<[EMAIL PROTECTED]>         
         Subject: Re: Implementing HTTPS in Struts 

02/02/2002 

00:30  

Please respond 

to "Struts 

Users Mailing  

List"  

   

   






Robert:

We recently posted just such a solution.  Check it out at
http://struts.ditlinger.com.  There you will find a description of our
solution and a link to download our Struts extensions and example app.  If
you have any questions, please do not hesitate to ask.

Steve


>You wrote:
---
Hello all, my name is Rob Scaduto and I have just recently joined the
Struts
user mailing list. I have yet to find any resources talking about how to
handle switching between http and https (and vice versa) using struts. The
only solution I was able to come up with was sub classing the Struts
LinkTag
and adding a secure attribute. This would then dynamically build an
absolute
path based on the jsp. This works great when you use the forward or page
attribute, but doesn't work at all if you use the href attribute. I'd like
to have a solution that works in all cases and I was curious if someone
could add some insight. Thanks in advance, Rob


--
To unsubscribe, e-mail:   <
mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <
mailto:[EMAIL PROTECTED]>





--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>