On your end I think you should move the non-secure content in the pop up from outside of servlet/* to your secure area.
Hope that helps
Mr. Ariel S. Valentin mailto:[EMAIL PROTECTED]
From: "Anju Murthy" <[EMAIL PROTECTED]> Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: SSL Help Date: Mon, 5 Jul 2004 10:22:56 +0530
Hi,
I have configured my application to run over SSL. I am forcing all requests to route to https using the following code in web.xml
<security-constraint> <web-resource-collection> <web-resource-name>LoginServlet</web-resource-name> <url-pattern>/servlet/*</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
I have my internet browser setting "warn if change between secure and non
secure mode" checked. When I log into my application for the first time, I
get a browser alert message saying I am moving into secure area.
After this, any navigation within the application does not display this
alert message. But if a popup window is opened from this page, I get two
alert messages. One says I am moving out of secure area and another saying I
am moving into secure area.
Is there a way to prevent these alert messages from coming up in popup windows?
Thanks Anju
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from McAfeeŽ Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
