subject:"how to auto redirect to https from http"

Re: how to auto redirect to https from http

2008-02-11 Thread Christopher Schultz

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dave, Dave wrote: | The url is not changed when I point to | http://www.mydomain.com/login.html in browser. The .html is mapped to | servlet. I expected it to change to https:// I think David identified part of the problem: your XML is not set

Re: how to auto redirect to https from http

2008-02-07 Thread Dave

Chris, The url is not changed when I point to http://www.mydomain.com/login.html in browser. The .html is mapped to servlet. I expected it to change to https:// So it is not secure to start as http and then switch to https to use the same http session because session id to

Re: how to auto redirect to https from http

2008-02-07 Thread David Brown

Hello Dave, this is not exactly the answer you are looking for but I have been concerned with public web security for a long time and I have finally resigned myself to the fact that if you are using login pages that process user ids and passwords and other confidential info that

Re: how to auto redirect to https from http

2008-02-07 Thread Christopher Schultz

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dave, Dave wrote: | I moved the user-data-constraint inside the web-resource-collection as the following: | |security-constraint | web-resource-collection | web-resource-nameAutomatic SLL

Re: how to auto redirect to https from http

2008-02-07 Thread Dave

Hi Chris, I moved the user-data-constraint inside the web-resource-collection as the following: security-constraint web-resource-collection web-resource-nameAutomatic SLL Forwarding/web-resource-name

Re: how to auto redirect to https from http

2008-02-07 Thread Christopher Schultz

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dave, Dave wrote: | I tried the method, it worked. | But when I tried to protect login page only, | | web-resource-collection | web-resource-nameprotected pages/web-resource-name |

Re: how to auto redirect to https from http

2008-02-07 Thread Dave

Hi Hazem, Thanks, I tried the method, it worked. But when I tried to protect login page only, web-resource-collection web-resource-nameprotected pages/web-resource-name url-pattern/login.jsp/url-pattern /web-resource-collection

Re: how to auto redirect to https from http

2008-02-07 Thread Hazem DAOUD

Hi Dave, Try to add this to web.xml under tomcat_install_dir/conf: /security-constraint web-resource-collection web-resource-nameProtected Context/web-resource-name url-pattern/*/url-pattern /web-resource-collection !-- auth-constraint goes here if you requre

Re: how to auto redirect to https from http

2008-02-07 Thread Bill Barker

Christopher Schultz [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dave, Dave wrote: | I moved the user-data-constraint inside the web-resource-collection as the following: | |security-constraint |

Re: how to auto redirect to https from http

Re: how to auto redirect to https from http

Re: how to auto redirect to https from http

Re: how to auto redirect to https from http

Re: how to auto redirect to https from http

Re: how to auto redirect to https from http

Re: how to auto redirect to https from http

Re: how to auto redirect to https from http

Re: how to auto redirect to https from http

9 matches

Site Navigation

Mail list logo

Footer information