Re: How to force HTTPS on some of Struts-based site

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gordon, Hyatt, Gordon wrote: | I had everything working correctly using container-based security (using | digested passwords), including denying DELETE and PUT requests. But, | due to the "enhanced" password encryption requirements of this site (a |

RE: How to force HTTPS on some of Struts-based site

See my comments inline. > -Original Message- > From: Christopher Schultz [mailto:[EMAIL PROTECTED] > Sent: Wednesday, April 02, 2008 8:50 PM > To: Tomcat Users List > Subject: Re: How to force HTTPS on some of Struts-based site > > -BEGIN PGP SIGNED MESS

Re: How to force HTTPS on some of Struts-based site

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gordon, Hyatt, Gordon wrote: | The intent is as follows: | | For the main site: plain HTTP access | | For the administration and sample submission areas, require | authentication over HTTPS | | Disallow DELETE and PUT methods from all areas. [snip]

How to force HTTPS on some of Struts-based site

I'm trying to add Authentication (over HTTPS) to a Struts-based web app and am running into problems. I can get Tomcat (5.5.26) to authenticate the user (using Basic login) without issue, but I can't seem to get a Struts-based login form to work. Because of the way the passwords are encrypted,