Cool, thanks! On Mon, 2002-12-09 at 15:52, Turner, John wrote: > > Once you serve content via SSL, further URLs can be relative. There is no > requirement that all SSL-based URLs be hardcoded. > > If you have myApp/whatever.jsp in your content, and the request originated > via SSL, the URL will be converted to > https://some.server.com/myApp/whatever.jsp on the fly. > > Since best practice for SSL is to protect ALL content in the SSL-enabled > "area" and not just the page that asks for a password or credit card number, > the scenario above happens by default. > > The only time you need to hardcode the entire URL is when you want to switch > from SSL to non-SSL, or non-SSL to SSL, and that's because the switch is > done by the browser, not the server, and the browser needs to know whether > to attempt a connection to port 80 or port 443. > > John > > > -----Original Message----- > > From: Alexander Wallace [mailto:[EMAIL PROTECTED]] > > Sent: Monday, December 09, 2002 4:46 PM > > To: Tomcat Users List > > Subject: Advise on how to hanle url names when using https > > > > > > Hi there. Using apache + tomcat, is there a better/different way of > > reffering to resources (jsps/servlets) in an app when https > > is required > > other than hardcoding the full url > > (https://my.server.com/myapp/whatever.jsp) in the jsps and servlet's > > that whant to call those resources? > > > > Thanks. > > > > > > > > > > > > -- > > To unsubscribe, e-mail: > > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> >
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
