For performance reasons.
I'll take a look at single sign on.
Thanks
Mariano López
-Mensaje original-
De: Parsons Technical Services [mailto:[EMAIL PROTECTED]
Enviado el: jueves, 27 de mayo de 2004 13:48
Para: Tomcat Users List; [EMAIL PROTECTED]
Asunto: Re: How to force only page login SSL and rest NON SSL
Mariano,
Two thing come to mind:
1. Why not just leave it in SSL?
2. You have a problem of losing the session. When you move from SSL to NON
SSL page you lose the session and create a new one. This is for security
reasons.
Past that the only thing that come to mind is Single sign on. There are
others more knowledgeable than me on this.
Doug
www.parsonstechnical.com
- Original Message -
From: "Mariano" <[EMAIL PROTECTED]>
To: "'Tomcat Users List'" <[EMAIL PROTECTED]>
Sent: Thursday, May 27, 2004 6:37 AM
Subject: How to force only page login SSL and rest NON SSL
> Hi everybody
>
> I want to force my page login via SSL, and i did it with:
>
>
>
> SSL
> /Comun/LoginUsuario.jsp
>
>
> CONFIDENTIAL
>
>
>
> but when i want validate an user i like to force rest of pages via NON
SSL,
> i have tried it with other :
>
>
>
> Aplicacion de IGeSan
> /IGeSan/*
>
>
> NONE
>
>
>
> But when i do the "response.sendRedirect(user.getAppPage());" always do it
> in SSL mode.
>
> Any ideas.
>
> Thanks
>
> Mariano Lopez
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]