>>But isn't it a bad idea to hard-code your path(s) that require SSL. What
>>happens if a decision
is made to change the action servlet's mapping from, say *.do to /servlet/*.
You would have to
remember to change the path(s) in the filter... Furthermore, what if you
change the name of the
action that requires SSL?
Don't tie SSL to an action, but to a wildcard path. Some websites have a http
public and https
member-only area. You could do something like establishing a filter for
/login/* or /member/*
which forces people into SSL.
>> Another problem that I can think of is that all the link on
the redirected SSL page will be generated with https.
Not under this pattern :-) If you code everything in relative paths, your links
will be whatever
the current scheme is. So when the servlet filter picks up and redirects to
HTTPS, all your links
will then be in HTTPS too.
>> Do you have any code?
You can google "ssl servlet filter" to find some good code. All you have to do
is rebuild the URL
in https. You'll have a turkey of a time learning to do this :-) Happy
Thanksgiving!!
-- Paul
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
