This week's book giveaway is in the General Computing forum.
We're giving away four copies of Arduino in Action and have Martin Evans, Joshua Noble, and Jordan Hochenbaum on-line!
See this thread for details.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes https back to http Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of Arduino in Action this week in the General Computing forum!

A special promo: Enter your blog post or vote on a blogger to be featured in an upcoming Journal
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Reply Bookmark "https back to http" Watch "https back to http" New topic
Author

https back to http

Gabriel Forro
Ranch Hand

Joined: Apr 16, 2004
Posts: 59
posted private message
0
Quote
Hello,

how can I switch back from https protocol to http? I know, that it's possible in programmatic way (by sendRedirect("http://...")), but is there any declarative way (i.e. in web.xml without any programming).

Gabriel
prasad appecherla
Greenhorn

Joined: May 06, 2002
Posts: 7
posted private message
0
Quote
<web-app>
...
<security-constraint>
...
<user-data-constraint>
<description>requires the data transmission to be integral</description>
<transport-guarantee>INTEGRAL</transport-guarantee>
</user-data-constraint>
...
</security-constraint>
...
</web-app>

transport-guarantee is set to NONE => Plain HTTP
transport-guarantee is set to INTEGRAL or CONFIDENTIAL=> HTTPS
Gabriel Forro
Ranch Hand

Joined: Apr 16, 2004
Posts: 59
posted private message
0
Quote
Thanks. I understand, that I can switch to https protocol by using INTEGRAL or CONFIDENTAL. But I want to switch back.
For example I have:
pageA - CONFIDENTAL mode
pageB - NONE mode

there is a link on pageA (for example as <a href="<c:url value='pageB'/>">link</a>

1. request to pageA
2. click to link
3. pageB is transferred to the client in https protocol

My question is, whether it is possible to swich back to http at point 3.
Bahadar Khan
Ranch Hand

Joined: Jun 19, 2003
Posts: 81
posted private message
0
Quote
Gabriel,

It depends on the type of constraints you apply.
On using INTEGRAL you were automatically switched to HTTPS when the resource under that constraint was called. Now if you issue another URL where the resourse is under NONE, then whenver that url-pattern matches then automatically user will be switched to http.

But there is a possibility that any other URL may not be mapped for security issues, in that case just provide the link like 'http://---' so that will be changed to normal (http).
 
I agree. Here's the link: http://zeroturnaround.com/jrebel - it saves me about five hours per week
 
subject: https back to http
 
Similar Threads
Different Between Http and Https protocols
Sessions in HTTP & HTTPS
secure access and struts
SSL
Cookies , http , https