Java Forums
Register Today's Posts Search Today's Posts Mark Forums Read

Main Menu
Home
Today's Posts
FAQ
Search
Contact Us

Java Network
Java Tips
Java Tips Blog

Sponsored Links





Welcome to the Java Forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community, you will:

  • have access to post topics
  • communicate privately with other members (PM)
  • not see advertisements between posts
  • have the possibility to earn one of our surprises if you are an active member
  • access many other special features that will be introduced later.

Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 08-03-2007, 04:42 AM
Member
  
Join Date: Jul 2007
Posts: 9
mutuah is on a distinguished road
switching between HTTP and HTTPS
Hi all.

Am trying to create jsp pages where the login page runs on htts but the rest are on http protocol. How can i implement this. At least I know that the two protocols create different sessions.

I would also wish to know how to revert back to https from http. Thanks in advance.
Mutua.
Bookmark Post in Technorati
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 08-03-2007, 06:52 AM
Senior Member
  
Join Date: Jul 2007
Posts: 134
brianhks will become famous soon enough
Your best bet is to use apache in front of tomcat (or whatever servlet container you are using) and use the apache java connector - I forget the name right now.

Apache is much better and configuring which URLs should be secure and which should not. This way the security is transparent to your jsp files.
Bookmark Post in Technorati
Reply With Quote
  #3 (permalink)  
Old 08-03-2007, 05:55 PM
Member
  
Join Date: Jul 2007
Posts: 9
mutuah is on a distinguished road
Thanks brianhks.

Am using tomcat and servlet container and have already configured the web.xml

<security-constraint>
<display-name>secure_pages</display-name>
<web-resource-collection>
<web-resource-name>index.jsp</web-resource-name>
<description/>
<url-pattern>/index.jsp</url-pattern>
</web-resource-collection>
<user-data-constraint>
<description/>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

but the problem is all pages become secured (https) contrary to my wish. I want the login page and later another page to be secured.

What I need is to switch between the https and http sessions.
Last edited by mutuah : 08-03-2007 at 05:57 PM. Reason: typo errors
Bookmark Post in Technorati
Reply With Quote
  #4 (permalink)  
Old 08-03-2007, 08:11 PM
Senior Member
  
Join Date: Jul 2007
Posts: 134
brianhks will become famous soon enough
It is a lot easier to let Apache do it for you. The connector is modjk.
Bookmark Post in Technorati
Reply With Quote
  #5 (permalink)  
Old 08-03-2007, 08:49 PM
Member
  
Join Date: Jul 2007
Posts: 9
mutuah is on a distinguished road
Sorry brianhks to trouble you this far. I have set one page 'index.jsp' to an https. this 'index.jsp' is the first my page. After signing, all other pages are https but its not what i want.
Bookmark Post in Technorati
Reply With Quote
  #6 (permalink)  
Old 08-03-2007, 09:19 PM
Senior Member
  
Join Date: Jul 2007
Posts: 134
brianhks will become famous soon enough
I think you have missed my point. What you do is forget about doing anything in https from tomcat. From tomcat every thing is in the clear. You install Apache in front of Tomcat so that Apache passes request through to Tomcat. Now from Apache it is easy to setup certain URL's to be https and other to not be https. This way from within Tomcat every thing is on the same session. Apache handles the switching which is what it is good at (and a bunch of other stuff too).
Bookmark Post in Technorati
Reply With Quote
  #7 (permalink)  
Old 08-03-2007, 11:08 PM
Member
  
Join Date: Jul 2007
Posts: 9
mutuah is on a distinguished road
Hi brianhks,
Am running my jsp pages on apache tomcat. The first page 'index.jsp' is the home page. I have set the web.xml for the page i need secured but seems the other pages too get secured contrary to my wish.

In the servlet, I have redirected by hard-coding the url page I need after the index page but I loose the session. How do I get the same session data in both HTTP and HTTPS?
Bookmark Post in Technorati
Reply With Quote
Sponsored Links
Reply

« Canvas question | Help Please »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Switching Careers to Java? It's never to late, is it? /-ICEpik Jobs Discussion 7 06-11-2008 09:15 PM
is it possible to open INNER https url on web mailbox? Hanzo Networking 0 01-31-2008 02:34 PM
JDK 1.3 with HTTPS sriram Advanced Java 2 01-21-2008 11:51 PM
how To Use Https Connection For Communication fred Advanced Java 2 08-01-2007 05:59 PM
HTTPS and JBoss Heather Advanced Java 2 06-30-2007 05:50 PM


All times are GMT +3. The time now is 02:35 PM.
Contact Us - Java Forums - Sitemap - Top

VBulletin, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2006 - 2007, www.java-forums.org