wood burning stoves*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes https back to http Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "https back to http" Watch "https back to http" New topic
Author

https back to http

Gabriel Forro
Ranch Hand

Joined: Apr 16, 2004
Posts: 59
Hello,

how can I switch back from https protocol to http? I know, that it's possible in programmatic way (by sendRedirect("http://...")), but is there any declarative way (i.e. in web.xml without any programming).


Gabriel
prasad appecherla
Greenhorn

Joined: May 06, 2002
Posts: 7
<web-app>
...
<security-constraint>
...
<user-data-constraint>
<description>requires the data transmission to be integral</description>
<transport-guarantee>INTEGRAL</transport-guarantee>
</user-data-constraint>
...
</security-constraint>
...
</web-app>

transport-guarantee is set to NONE => Plain HTTP
transport-guarantee is set to INTEGRAL or CONFIDENTIAL=> HTTPS
Gabriel Forro
Ranch Hand

Joined: Apr 16, 2004
Posts: 59
Thanks. I understand, that I can switch to https protocol by using INTEGRAL or CONFIDENTAL. But I want to switch back.
For example I have:
pageA - CONFIDENTAL mode
pageB - NONE mode

there is a link on pageA (for example as <a href="<c:url value='pageB'/>">link</a>

1. request to pageA
2. click to link
3. pageB is transferred to the client in https protocol

My question is, whether it is possible to swich back to http at point 3.
Bahadar Khan
Ranch Hand

Joined: Jun 19, 2003
Posts: 81
Gabriel,

It depends on the type of constraints you apply.
On using INTEGRAL you were automatically switched to HTTPS when the resource under that constraint was called. Now if you issue another URL where the resourse is under NONE, then whenver that url-pattern matches then automatically user will be switched to http.

But there is a possibility that any other URL may not be mapped for security issues, in that case just provide the link like 'http://---' so that will be changed to normal (http).
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: https back to http