Caldarale, Charles R wrote: > > Read section 12 of the servlet spec. Use a <url-pattern> in conjunction > with the <transport-guarantee> that covers only the login page. > > - Chuck
Thank you Charles, I've read the servlet spec, but my problem is I specified /login.jsp as url-pattern in deployment descriptor and before the user reach that page everything is normal but when the page is going to display the http will change to https and it's right. the problem is after login every page is secure as well, and even if I remove the "s" from https it won't work. I need only login page to be secured not all the pages after that -- View this message in context: http://www.nabble.com/how-to-setting-up-SSL-for-a-specific-page-tf4135638.html#a11941375 Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]