|
Your best bet is to use apache in front of tomcat (or whatever servlet container you are using) and use the apache java connector - I forget the name right now.
Apache is much better and configuring which URLs should be secure and which should not. This way the security is transparent to your jsp files.
|