I think you are running into this issue: https://issues.apache.org/jira/browse/TAP5-2080 Seems due to political issues it will not be fixed, But the workaround in the issue should work for you. I feel your pain because I had to implement a similar workaround as well.
> On Oct 28, 2013, at 2:35 AM, Paul Stanton <p...@mapshed.com.au> wrote: > > Sorry for the thread revival, however I am coming up against the same problem. > > I have a page needs to be served via https for some customers and http for > others. > > If I request the page via https without the @Secure annotation, all ajax > event urls are incorrectly altered to: > http://domain:443/app/page:event > - both the protocol and port are incorrect in this case. > > If I request the page via https with the @Secure annotation, ajax event urls > are correctly altered to: > https://domain/app/page:event > > Another problem is, when requesting the page via http with the @Secure > annotation redirect incorrectly to https: > https://domain:80/app/page > <https://maps.vodafone.com.au:80/VHAMap-stage/publiccoverage/public-vf> > - not sure why port 80 is added, it is not needed in our config. > > > So my question is, how can I achieve the behaviour of @Secure dynamically and > only if the request is made over https? > > Thanks, Paul. > >> On 28/06/2012 10:20 PM, Thiago H de Paula Figueiredo wrote: >>> On Thu, 28 Jun 2012 03:52:24 -0300, Henrik von Schlanbusch >>> <hen...@enovate.no> wrote: >>> >>> Hi >> >> Hi! >> >>> Is it possible to have the same page secured and not secured? >>> I have a page now that need to be accessed via https. >>> Consequently I have annotated it with @Secure. >> >> You misuderstood @Secure. You don't need it in a page so it can be accessed >> though HTTPS. @Secure guarantees that the page is only requested through >> HTTPS, redirecting if needed. From the @Secure JavaDoc: "A marker annotation >> that indicates that the page in question may only be accessed via HTTPS." >> >> Just remove @Secure and it will work with HTTP and HTTPS. > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org