What a shame - I would have thought this a common requirement. I want
to protect the admin password, but once logged in, there is a lot of
data to process, and it isn't very sensitive, so it doesn't make sense
to encrypt it.
So I just have to scrap the declarative method, and do it
Hi,
I want to protect the admin parts of my app.
I have made a security-constraint on my admin folders, and all works
fine - calling for any page in admin gets redirected to a login form.
However, I'd like the login form to be encrypted.
I have been able to get all the admin pages running on
John Pedersen wrote:
I have been able to get all the admin pages running on https, but I
want just the login page on https, and the actual admin pages using
http.
Can anyone suggest how to do this. Here is what I have in my web.xml (
this setup doesn't use https at all ):
Without modifying
