I have <transport-guarantee>CONFIDENTIAL</transport-guarantee> in my web.xml to required SSL be used to login. In an ideal world, tomcat would detect that the user is using http and switch them to https for the authentication. And it looks like Tomcat is "trying" to do this with IE.
When I navigate to an unsecured page (the welcome jsp), and then try to go to a secured page, I am prompted to accept the certificate. If I click "yes" then I get a "Cannot find Server" error - so it looks like its trying to switch me, or I wouldn't get prompted for the cert. In Mozilla will redirect you to the SSL port for authentication. Must be a bug in IE, or its communication with the webserver. Does anyone know anything about this? Thanks, Matt