Hi Chris, I know that, but the code posted in the question had a CONFIDENTIAL value set for <transport-guarantee> and the author still seemed to have lacks regarding it... But just for a matter of curiosity, why should I use another port for SSL, instead of 443 ?
-----Mensagem original----- De: Christopher Schultz [mailto:[EMAIL PROTECTED] Enviada em: terça-feira, 23 de outubro de 2007 17:23 Para: Tomcat Users List Assunto: Re: RES: How can I ensure that client access servlets via HTTPS? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Marcus, Milanez, Marcus wrote: > I think you could configure your server so that the 80 port is not > available, only the 443 one. Programaticaly, you can invoke the > request.isSecure() method to check whether your request uses https. Or, better yet, you can use <transport-guarantee> in your web.xml file: no need to change your code to check for SSL and no need to bet on port 443 always being HTTPS. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHkod9CaO5/Lv0PARAjy7AJ49bKnjJMhn1HRDNYaKkycMdESMbgCgwML9 yp4LD9VBs50ij5zd57ZKF4s= =b3Qt -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
