Hi all!

I discovered a few days ago the famous article at JavaWorld by Steve 
Ditlinger 
(http://www.javaworld.com/javaworld/jw-02-2002/jw-0215-ssl.html).

Then after looking at the archives of this mailing list I discovered HE 
actually made an implementation of the ideas expressed in the article 
as a Struts extension (http://struts.ditlinger.com).

Well, I'm in the middle of the development of a web-app using Struts. 
So I decided to try it! Thanks Steve, it is really cool!!! It gave me a 
little trouble at the beginning, but it was just about config issues. (I 
truly encourage you to document the extension a little more ;-) ).

Now I have a little problem: I have this logon action defined in my 
struts-config.xml:

<action path="/logon"
        type="com.factoringmarket.web.LogonAction"
        name="logonForm"
        scope="request"
        input="/logon.jsp">
    <set-property property="secure" value="true"/>
</action>

I call it from my JSP this way:

<sslext:form action="/logon" focus="membername">
.......
</sslext:form>

My problem comes when in the LogonAction's perform() I return a forward 
to a non-secure page that is actually defined in the struts-config.xml 
file as a global forward like this: 
<global-forwards>.....
<forward name="account.fwd" path="/account.do" />
...</global-forwards>

Then I got the pop-up message in the browser: "You are about to be 
redirected to a connection that is not secure. The information you are 
sending to the current site might be retransmitted to a nonsecure site. 
Do you wish to continue?" So I got curious and checked the transmission 
with a protocol analyzer and I can clearly see in the 
transmission: "GET/account.do?membername=someuser&password=prettycat"....

So I'm confused... Why is this happening? What am I doing wrong? How can 
I avoid this retransmission? :-O

Thanks a lot guys!
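
A check for the behaviour described in this message, as an added example that is not part of the original post or of the sslext project: given the form fields posted to the secure logon action and the Location header of the redirect that follows, it reports which sensitive fields are repeated in the query string of a non-HTTPS target. The host name, the list of sensitive field names and the sample values are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl, urljoin

# Assumed names of form fields that must never leave TLS; adjust per app.
SENSITIVE_FIELDS = {"password", "membername"}

# Constructed sample values modelled on the capture quoted in the post.
POSTED_TO = "https://shop.example/logon.do"
FORM = {"membername": "someuser", "password": "prettycat"}


def redirect_leaks(request_url, form_fields, location):
    """Check one redirect response to a form POST.

    request_url: URL the form was posted to (the secure logon action).
    form_fields: dict of field name -> submitted value.
    location:    value of the Location header in the response.
    Returns the sorted names of sensitive fields whose submitted value is
    repeated in the query string of a redirect target that is not HTTPS.
    Only names are returned; values are never copied into the result.
    """
    # A relative Location inherits the scheme of the request it answers.
    target = urlsplit(urljoin(request_url, location))
    if target.scheme == "https":
        return []
    # parse_qsl undoes URL encoding, so encoded values still compare equal.
    echoed = dict(parse_qsl(target.query, keep_blank_values=True))
    return sorted(
        name for name, value in form_fields.items()
        if name.lower() in SENSITIVE_FIELDS and echoed.get(name) == value
    )


if __name__ == "__main__":
    location = ("http://shop.example/account.do"
                "?membername=someuser&password=prettycat")
    print(redirect_leaks(POSTED_TO, FORM, location))
```

Run against the 302 response in an integration test of the logon flow, a non-empty result means the fields would cross the wire in clear text on the follow-up GET.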
