It's not Struts that is ignoring your security constraints ... it's
Tomcat. Which makes sense, because you are using container-managed
security :-). That is because using SSL on the login pages is not
supported out of the box by Tomcat. You might want to investigate
projects like SSLExt or Secur
Sorry.. Posted to the wrong mailing list... It is not a struts-issue but a
tomcat issue so I post it where it belong.
Regards
Roland Carlsson
Den 04-11-12 10.26, skrev "Roland Carlsson"
<[EMAIL PROTECTED]>:
> Hi!
>
> I have a problem with my login.pages. They are supposed to only be reachable
Hi!
I have a problem with my login.pages. They are supposed to only be reachable
through ssl. But it seems like struts is ignoring the config in web.xml
about having the pages secure
(CONFIDENTIAL). (The full
security-constraint is posted in the end)
Right now I'm using the tomcat built in securi
3 matches
Mail list logo
