• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

switching between http and https protocols

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi, there,
I'm developing a website including http and https protocols. On my login page, I have a button which will call doLoginAction. In this action class, according to the result of authentication, I will get the ActionForward from struts-config.xml. My problem is, mapping.findForward() can only get the relative path which does not include http or https. But I need to forward my request from http to https in this action.
After login success or failure mapping.findForward() forwards it to loginSuccessAction or loginFailureAction(), but I want it with http protocol and not https. Can you guy's help me please?
I think Struts should have some mechanism to handle such cases. Any advice will be very helpful.
Thanks in advance.

-Sanjay
 
Ranch Hand
Posts: 327
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Struts does not need a way to handle protocol issues because J2EE takes care of that. When you want a url to be accessed only via https, you simply need to add a security constraint like the one below. The example below only shows one url-pattern being used, although you can declare several. The url pattern can end in .jsp or .do or whatever else, including /*. When you specify a security constraint like the example below, the container will make only requests for the urls that match the url-patterns listed use the https protocol. All other urls will simply use http, and the protocol switching is forced and automatic.

If you look on the jakarta site, you can find information on something called sslext, which is an extension of Struts for protocol switching. Using this method, you can put elements in your struts config files that indicate that an action mapping should only be accessed via http or https. I think that you should NOT use this method. Since J2EE has a standard method, I think you should use that instead of a Struts extension. If you want more information about sslext, you could search this forum for my member number and "sslext." I wrote a large post a few months ago about how to get it to work. Good luck.
 
Forget Steve. Look at this tiny ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic