RE: Switching between http and https in struts-config

[Mark Benussi]

Yep you need to use http://sslext.sourceforge.net/

-Original Message-
From: Dan Tenenbaum [mailto:[EMAIL PROTECTED] 
Sent: 13 June 2005 20:45
To: user@struts.apache.org
Subject: Switching between http and https in struts-config

Hi, I'm new to the list.

I'm working on a webapp where some of the pages should be accessed
through HTTPS and others through HTTP.

For example, login and registration need to be secure, but once the
registration is done and we go to the user home page, we can go back
to the nonsecure site.

All pages, secure and nonsecure, are being served by the same Tomcat
instance.

I'm wondering about the best way to handle this in the struts config
file. If you are allowed to put fully qualified URLS in a forward
path attribute, that could be one solution, but it loses portability
and that file has to be edited every time we want to deploy the app to
another machine with another hostname.

To be more concrete, let's say we go to this page:
https://mysite.com/appname/login.do

The action contains multiple forwards, all of which will continue to
be served by https since we started with an https url. But I want at
least one of those forwards to return to the nonsecure site. (I also
want to do the converse).

Anyone have some ideas on this?
Thanks

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Switching between http and https in struts-config

[Frank W. Zammetti]

You can, I believe, have fully-qualified URLs in forward paths... One
thing you might be able to do is have mappings something like:

forward name=non_secured_forward
path=/whatever/jsp/page1.jsp /
forward name=secured_forward
path=/whatever/jsp/page2.jsp /

Then, in your Action, do something  like this:

boolean isSecure = true;
if (isSecure) {
  ActionForward af = mapping.findForward(secured_forward);
  ActionForward af1 = new ActionForward(af);
  af1.setRedirect(true);
  return af1.setPath(https:/ + af.getPath());
} else {
  ActionForward af = mapping.findForward(non_secured_forward);
  ActionForward af1 = new ActionForward(af);
  af1.setRedirect(true);
  return af1.setPath(http:/ + af.getPath());
}

A bit ugly, and probably ripe for making an external utility method
somewhere, but should work I think.

-- 
Frank W. Zammetti
Founder and Chief Software Architect
Omnytex Technologies
http://www.omnytex.com

On Mon, June 13, 2005 3:44 pm, Dan Tenenbaum said:
 Hi, I'm new to the list.

 I'm working on a webapp where some of the pages should be accessed
 through HTTPS and others through HTTP.

 For example, login and registration need to be secure, but once the
 registration is done and we go to the user home page, we can go back
 to the nonsecure site.

 All pages, secure and nonsecure, are being served by the same Tomcat
 instance.

 I'm wondering about the best way to handle this in the struts config
 file. If you are allowed to put fully qualified URLS in a forward
 path attribute, that could be one solution, but it loses portability
 and that file has to be edited every time we want to deploy the app to
 another machine with another hostname.

 To be more concrete, let's say we go to this page:
 https://mysite.com/appname/login.do

 The action contains multiple forwards, all of which will continue to
 be served by https since we started with an https url. But I want at
 least one of those forwards to return to the nonsecure site. (I also
 want to do the converse).

 Anyone have some ideas on this?
 Thanks

 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]