Hi there, Have you tried using the SSLext extension for Struts.
I've found it works quite well. Took a little tweaking but you can use a new type of form called sslext form. It work like html:form but set the action field to go through the correct https port. http://struts.ditlinger.com/ But the main advantage is that you can set action security in struts-config. Regards Steve Vanspall -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, 10 January 2003 10:03 AM To: [EMAIL PROTECTED] Subject: Struts forwards requests as http when jsp page was invoked as https Hello, I need help figuring out how to make my struts application work with ssl. I'll try to give a brief overview of what I'm doing: I invoke the mai.jsp file using https protocol. No problem there. Links off that page work fine because they are built as "https://somelink...". The problem is that when I click on any of the buttons defined inside a struts form it pops up a dialog box telling me that I'm about to be redirected to a connection that is not secure. If I click yes it goes to that page but the url is now "http://host:443/somelink...". I'm sure there is a way to get struts to build the url using the protocol I came into the application with but I can't figure it out. Any help would be greatly appreciated!! Here are some snippets of the main.jsp, struts-config.xml and java files. Code snippet from main.jsp file: <%@taglib uri="/WEB-INF/struts-html.tld" prefix="html" %> ... <html:form action="timesheetMain" method="POST"> ... <html:submit property="submitButton" value="Add" /> ... </html:form> ... Snippet from struts-config.xml file: <action path="/timesheetMain" type="com...." name="tsForm" scope="session" input="main.jsp"> <forward name="mainAdd" path="timesheetsummary.jsp"/> ... </action> ... Snippet from perform method of myAction class: ... ActionForward forward = mapping.findForward("addDetail"); ... return forward; ... -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>