Hi, I am trying to use HTTPs for my login page. After the logging is done the subsequent pages should use HTTP.
I succeeded in using HTTPs for login page. but after login page the redirection from HTTPs to HTTP is not happening. All the pages are using HTTPs. I configured the security-constraint as CONFIDENTIAL only for the login page url. Also while I searched on this issue on net and found a possible problem as the session created in HTTPS can not be used in HTTP, so the session should be first created in HTTP. So I created the session using request.getSession(true) in a filter before redirecting to the login page. But it still not working. Please help Regards, Prashant
