On 25/02/2010 07:11, Cummins College wrote:
Hi,
Actually we are designing a security layer over our web app. We want to give
the user an option of choosing between http or https on login.
Why do you need to change the properties of the connector to do that?
Hence the need of changing from http to https or vice-versa at runtime.
Changing the properties of the connector won't change what happens in
the web app, it'll break the application, in several ways - because
there won't be a connector available to serve URLs that have a relative
reference to the unsecured host.
Worse the first person to choose HTTPS will force everyone else to use
it, too; without notifying them and breaking their version of the app
for the above reason.
We are aware of<transport guarentee>. But that is not at runtime.
Eh?
We had also thought of JMX as an option and seems like a feasible solution.
So could you tell us how to access Tomcat's MBeans at runtime using java or
any other code.
Stop. Please stop this madness now.
Investigate the SecurityFilter project instead.
p
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
