Re: SSL on url demand

2016-03-15 Thread h3ph3st0s
Yes, it seems nice. But in deed I don't know how to "glue" it within requests/responses and especially ajax. Also it says about Request.isSecure() method which also seems good, right ? Should be within a method with @AfterRender, in order to evaluate always the calls ? Thanks and regards, Dim

Re: SSL on url demand

2016-03-15 Thread Norman Franke
Unless, of course, you offload SSL processing to a load balancer. Tapestry doesn’t seem to handle that at all. Norman Franke Answering Service for Directors, Inc. www.myasd.com > On Mar 9, 2016, at 9:36 PM, JumpStart > wrote: > > The simple answer is - the whole worl

Re: SSL on url demand

2016-03-10 Thread Barry Books
I think you could override the service RequestSecurityManager and make it do whatever you want. On Wednesday, March 9, 2016, h3ph3st0s wrote: > Hi, > > I built a small tapestry page under jboss. I read that in order to apply > SSL I had to either put @Secure annotation or configure with > config

Re: SSL on url demand

2016-03-10 Thread Chris Poulsen
I has been a long while since I looked at this, but as far as i can remember that setting allows the application to work in both http / https mode depending on the protocol specified by the request (we use T5.4) - so if the page is requested using https all links that are generated are respecting t

Re: SSL on url demand

2016-03-10 Thread h3ph3st0s
Chris hi, thanks for the answer but this is already tested & it works. But it is hard-coded and practically does not allow me to switch on or off the overall SSL context per user request. I have seen other applications that work either http or https simultaneously without redeploying new comp

Re: SSL on url demand

2016-03-10 Thread h3ph3st0s
Hi and thank you for the responses, Perhaps it was not clear the question. If I use configuration or "-D" or @Secure then I am stack application wide for entire usage. What I would like to know if there is a way to switch on or off depending if the user requested https and port e.g. 8443 OR htt

Re: SSL on url demand

2016-03-10 Thread Chris Poulsen
I think we're handling it like this: // default to non-secure pages (allows us to support both http and https based on the incoming request) configuration.add( SymbolConstants.SECURE_ENABLED, "false" ); HTH. -- Chris On Thu, Mar 10, 2016 at 3:36 AM, JumpStart < geoff.callender.jumpst...@gmail.

Re: SSL on url demand

2016-03-09 Thread JumpStart
The simple answer is - the whole world is being moved to HTTPS very rapidly so just go with it, for EVERY request. See http://motherboard.vice.com/read/google-will-soon-shame-all-websites-that-are-unencrypted-chrome-https To do this, in your AppModule just set configuration.add(MetaDat

SSL on url demand

2016-03-09 Thread h3ph3st0s
Hi, I built a small tapestry page under jboss. I read that in order to apply SSL I had to either put @Secure annotation or configure with configuration.add(MetaDataConstants.SECURE_PAGE, "true"); Everything is ok with that, but my issue how can I make this to be reconfigured each time dependi