try:
if (!request.isSecure())
{
// abort code here
}
You can put this in a superclass of all your secure servlets if you like.
Andy
> -----Original Message-----
> From: neal [mailto:[EMAIL PROTECTED]]
> Sent: 16 January 2003 22:09
> To: Tomcat Users List
> Subject: Require a secure connection
>
>
> Does anyone know how to *require* that a page be accessed only
> via a secure
> connection?
>
> For instance, I *can* request a secure connection to a page by going to
> "https://"; and the url ... but how do I prevent a user from going to
> "http://"; to request that same page?
>
> Would this be a proxy thing or is something I can set in Tomcat? Is there
> something that wouldn't require the overhead of reflecting upon
> every single
> request at the Java level?
>
> Thanks.
> neal
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
