Hi Everyone, I'm totally new at the email list thing here, and I could use a little help on tomcat http/https config
We have developed a web app that uses tomcat 5, and would like to switch between http / https depending on the URL. This is so users can sign in and view their account infor via https, and the app public pages can be on normal port 80. We've had some success with this, and can switch to https from http, althought sometimes it appears to drop the session. The problem we're having is switching back to http (and the session dropping). Here's the first modification to our web.xml file <security-constraint> <display-name>Secure Access</display-name> <web-resource-collection> <web-resource-name>LoginServlet</web-resource-name> <web-resource-name>AdminServlet</web-resource-name> <url-pattern>/login</url-pattern> <url-pattern>/my-account/*</url-pattern> <url-pattern>/acct</url-pattern> <url-pattern>/admin</url-pattern> <url-pattern>/zadmin/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> This works for switching to https from http, but we would like to switch back as well. We added the following to the file in hopes to make this happen <security-constraint> <web-resource-collection> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> But no luck! We've also searched the web pretty well. I found an article about tomcat 4 that said switching between protocols in the same session was disabled. A few books we've looked at have not helped - I thought this request would be more popular for web app developers but now I'm not sure. Does anyone have any thoughts on this? Any help is greatly appreciated. Best Regards, Rob
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]