Hello again!
After trying out the suggestion to use <security-constraint> in web.xml
(thanks Giampaolo!) I've figured out that it doesn't exactly solve my
problem. The problem is that I need to redirect to HTTPS for login and
some other subset of pages, and then after login, redirect back to HTTP.
By using <security-constrant> I am able to redirect to HTTPS, but there
doesn't seem to be a way to revert back to HTTP after the initial excursion.
I'm really getting pissed about this (and feeling more and more stupid
after each new failed attempt). Especially since the constraint to mix
HTTP and HTTPS pages has been forced upon me with the explanation that
everybody does it due to bad performance of HTTPS, which I'd give my
right arm if we would ever see in this particular application. :-(
Any other suggestions? Does anybody use a tapestry-based application in
which some pages are behind HTTPS while others are HTTP?
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
