A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Leaving https and coming back to http
Joined: Jan 19, 2006
Mar 02, 2007 05:32:00
In my WEB application I use the FORM authentication with SSL.
Basically, in the login form, the submit button redirects the user to the j_security_check by using https.
So far so good, the problem is that after authentication is performed and the desired url is loaded, all reamining requests are using the https. Even for that non secure urls.
I could realize that if I construct all my urls by
text before the url this problem is solved.
Once all my web pages use urls relative to application context, I didn't found this solution very elegant because I have to change all relative for absolute urls.
Original url link in my web page : /admin/ManageUsers.do ==> redirects to http
New changed url link in my web page :
Is there another more elegant solution for this ?
"If someone asks you to do something you don't know how to, don't tell I don't know, tell I can learn instead." - Myself
Joined: Mar 22, 2005
Mar 02, 2007 06:30:00
You could put a redirect to a non-HTTPS URL into the page that's reached right after the login.
Ping & DNS, my free Android app for network diagnostics
I agree. Here's the link:
subject: Leaving https and coming back to http
Conversion of the paths of the names of the image files ??
Tomcat 5.0 FORM authentication + servlet mapping problem
IIS Integrated Authentication + Tomcat Form-based (or basic) Authentication
how to redirect to success page in tomcat using its lapd configuration
How do I secure only my login page? Please help!
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2013