I did not include a security constraint.
Is this needed for SSL? I spend some time looking at this element, and I was under the impression that it was for form authentication?
You don't really need it for SSL testing, but you'd want to do it in
your production world because it basically instructs Tomcat to FORCE SSL
to be used when going to a given URL-pattern (that portion of your web
app that requires https). That is, if the user accesses your site with
http://xxxx, the port 80 Connector (or 8080 if testing or using a
non-standard port) has a "redirectPort" element that causes Tomcat to
automatically issue a redirect using https://xxxx (in production, this
is typically set to redirectPort="443" for standard HTTPS).
But if you just say https://xxxx or https://xxxx:8443, then it should
let you test before the constraint is used.
David
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]