On Fri, Aug 7, 2009 at 2:40 PM, Josh Gooding wrote:
> I always thought that HTTPS is noticeably slower than regular HTTP,
> which is why I would not want HTTPS on the entire site, since video and
> graphics tend to be more bandwidth and CPU intensive.
In a time when most computers run 99% idle 90%
Josh Gooding writes:
[...]
> Run the Login.jsp through SSL, after successful login, drop the SSL. The
> entire session doesn't need encrypted, only the login and password.
Sure, that's possible. The general strategy is to accept the username
and password on a secure connection, and if they
Thanks for the reply Krist,
Let me give you a little background on what I did (and still doing). I
created a video training software that is now internet based. Nothing
inside of the training needs to be across HTTPS, except the login page.
Client's said they would "like" to see it done. Which
On Thu, Aug 6, 2009 at 10:04 PM, Josh Gooding wrote:
> Run the Login.jsp through SSL, after successful login, drop the SSL.
Why do you want to drop the SSL after logging in? It is a lot easier
to just run the whole site over https. This way all you need to do is
to configure SSL for your whole se
Greetings folks, I've ran into a little SSL snag here. Currently I have
Apache 2.2 and Tomcat 6.0 configured to run and talk to each other. It
seems to work even though I have ONE static page in the entire project for
right now.
What I want to do:
Run the Login.jsp through SSL, after successful
