Re: How to redirect from HTTPS to HTTP

2009-08-30 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thilani, On 8/29/2009 9:23 AM, Thilani wrote: > I am developing a web application which is require login for users. I want > to use HTTPS for login only. Your biggest problem will be maintaining the session id across the HTTP->HTTPS switch. See this

Re: How to redirect from HTTPS to HTTP

2009-08-29 Thread Mark Thomas
Thilani wrote: > After successfully login I want to direct users to http connection That is a really bad idea. If the threats to your system are such that you need to protect the login process using SSL then you should be providing the same level of protection for your session ID and running every

Re: How to redirect from HTTPS to HTTP

2009-08-29 Thread Hassan Schroeder
On Sat, Aug 29, 2009 at 10:53 AM, Thilani wrote: > I tried but no success. > Can you please give me a simple example? So I can try it out. What have you tried? Are you using the URLRewriteFilter or writing one of your own? -- Hassan Schroeder hassan.schroe...@gmail.com

Re: How to redirect from HTTPS to HTTP

2009-08-29 Thread Thilani
Hi, I tried but no success. Can you please give me a simple example? So I can try it out. Thanks a lot! Pid-6 wrote: > > On 29/08/2009 14:23, Thilani wrote: >> >> Hi All, >> >> I am developing a web application which is require login for users. I >> want >> to use HTTPS for login only. Applic

Re: How to redirect from HTTPS to HTTP

2009-08-29 Thread Pid
On 29/08/2009 14:23, Thilani wrote: Hi All, I am developing a web application which is require login for users. I want to use HTTPS for login only. Application server is tomcat 6.x and following is the url for login. https://localhost:8443/GIShome/index.shtm After successfully login I want to

Re: How to redirect from HTTPS to HTTP

2009-08-29 Thread Hassan Schroeder
On Sat, Aug 29, 2009 at 8:31 AM, Thilani wrote: > Can you please explain how can I use this with my application? > With this should I use security-constraint as well? Of course: the security-constraint indicates the resource to protect; if a client makes a request for a non-protected resource via

RE: How to redirect from HTTPS to HTTP

2009-08-29 Thread Martin Gainty
manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. > Date: Sat, 29 Aug 2009 16:26:16 +0200 > From: alexander.mestiashv...@biotec.tu-dresden.de > To: users@tomcat.apache.org > Subject: Re: How to redirect from HTTPS to HTTP > > Thilani

Re: How to redirect from HTTPS to HTTP

2009-08-29 Thread Thilani
Hi, Can you please explain how can I use this with my application? With this should I use security-constraint as well? Or do you want me to just rewrites the security-constraint output? Alex Mestiashvili wrote: > > Thilani wrote: >> Hi All, >> >> I am developing a web application which is req

Re: How to redirect from HTTPS to HTTP

2009-08-29 Thread Alexander Mestiashvili
Thilani wrote: Hi All, I am developing a web application which is require login for users. I want to use HTTPS for login only. Application server is tomcat 6.x and following is the url for login. https://localhost:8443/GIShome/index.shtm After successfully login I want to direct users to http