Hi, let me reply to a few of the emails.

>>the problem is your own encryption isn't signed by a third party, which
>>means if someone hacks into your server, they could compromise the
>>security.

Wouldn't this still be a problem if my public key was signed by a CA? Isn't the cert for the client to verify who I am? This would not affect the SSL encryption?

>>Why don't you just build your redirect after they log in.
>>
>> response.sendRedirect("http://" + request.getHostName() + "/myApp/home.jsp");

I have tried this. What I am doing is using the login to set up a session and adding an attribute to this session. Every JSP checks the session for this object to verify that the user has logged in; if they have not, or they have logged out, the user is unable to bookmark or go backward into the website. Using the redirect like this somehow interferes with the session and messes up the checking. I am not sure why this happens.

Glen