I needed to switch some pages in my web application over to HTTPS mode (login, data entry, etc.) then switch back to HTTP for pages that do not require it. Using sslext I am able to do that and it works fairly well. Except...I have run into one problem. My web application also has switching between pages for non-logged in users and logged in users. So non-logged in users have a URI where I have something like this - <context_root>/public and logged in users have a URI something like - <context_root>/secure
My web.xml is configured for authentication where any URI with "/secure" with require a user that is authenticated (logged in). Prior to implementing SSL I could enter a URL to my application that contained "/secure" and Tomcat would bring up the login screen. After I logged in the authentication process would automatically take me to the page I had requested in my URL. Now that I have sslext implemented the same test does not work. When I enter a URL containing "/secure" the login screen pops up, I login but then the authentication process does not know were to go. It does not continue on to the requested URL. While experimenting with the problem I found that I could make it work again by setting the page I requested in the URL to require HTTPS. So now that the sslext mechanism makes sure the login page switches to HTTPS, it breaks the automatic, post-login forwarding to the requested URL unless that URL is also an HTTPS page. Does anyone know of a way to use/configure sslext so it doesn't do that? Or is it a Struts configuration that I need to fix? Thanks, -sonavor -- View this message in context: http://www.nabble.com/Struts-forwarding-problem-after-adding-sslext-tp25774786p25774786.html Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
