This you do this is your struts config: <plug-in className="org.apache.struts.action.SecurePlugIn"> <set-property property="httpPort" value="80"/> <set-property property="httpsPort" value="443"/> <set-property property="enable" value="true"/> <set-property property="addSession" value="true"/> </plug-in>
There is also a Tomcat config for SSL. Also, I didn't put my login.jsp (or whatever) in the special /WEB-INF/ directory. Seems like it should work, but I would try something simple first i.e. /login.jsp. Get it working off the ROOT them play around with the placement. -----Original Message----- From: Tremal Nailk <[EMAIL PROTECTED]> Sent: Aug 1, 2005 7:06 AM To: Struts Users Mailing List <user@struts.apache.org> Subject: Re: integration between sslext and servlet auth 2005/7/29, Jim Kennedy <[EMAIL PROTECTED]>: > I had to do this to make it work. sorry, but it doesn't work, or better, it doesn't work for me . The problem is that when I try to access a protected resource the browser's request is redirected to the root of the app: http://localhost:8080/myapp/ so the login page is displayed on a insecure channel. If I type manually the complete url of the login page now it's displayed on a secure channel, anyway: http://localhost:8080/myapp/logon.jsp is redirected to http://localhost:8443/myapp/logon.jsp But I,m sure I'd solve the problem if someone told me why I can't list the contents of the WEB-INF folder. As an example: if I type http://localhost:8080/myapp/jsp/ which is on the same level of WEB-INF I can see the directory listing. If I type http://localhost:8080/myapp/WEB-INF/ I get a HTTP Status 404: The requested resource (/myapp/WEB-INF/) is not available. I'm deploying on a windows 2K machine (tomcat 5.0 jboss), so I should not have reading permission thanks in advance -- TREMALNAIK --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]