Meaningless Drivel is fun!*
The moose likes Servlets and the fly likes Switch back to Http from Https Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Switch back to Http from Https" Watch "Switch back to Http from Https" New topic
Author

Switch back to Http from Https

Vishnu Prakash
Ranch Hand

Joined: Nov 15, 2004
Posts: 1026
Can any one kindly guide me how to switch back to http protocol from https.


Servlet Spec 2.4/ Jsp Spec 2.0/ JSTL Spec 1.1 - JSTL Tag Documentation
Rajesh Vijaya
Ranch Hand

Joined: Oct 18, 2005
Posts: 48
hey vishnu ,

i found this link ...in google...if this is of relevant to you ..

http://swforum.sun.com/jive/thread.jspa?threadID=46767&messageID=139800


Rajesh <br /> <br />SCJP1.4 SCWCD1.4 SCBCD 1.3 ,SCDJWS(Preparing..)<br /> <br />There is no free will.It is the phenomenon bound by cause and effect.But there is something behind will which is free---Swami Vivekananda...
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

An absolute link with the 'http://' scheme will do it.

No matter how you do it, there will be some issues to watch for.
Many containers won't keep the same session for secure and non secure traffic.
In other words, you'll lose your session when you switch.

Also, all recent browsers, by default will generate a popup window warning the user that they are moving away from a secure session. Some users may see this as a bug in your app.

Lastly, as the name implies, non-secure sessions are, well, less secure.
Under https, your session ID is encrypted before going over the wire.
Without it, the session ID is transmitted as clear text. This makes session hijacking much easier.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Vishnu Prakash
Ranch Hand

Joined: Nov 15, 2004
Posts: 1026
Thanks Ben

I appreciate if you can look in this
thread and solve my doubts.
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

Originally posted by Vishnu Prakash:
Thanks Ben

I appreciate if you can look in this
thread and solve my doubts.


I saw that thread and didn't respond to it earlier because I don't really have a good answer for you.
I only use declarative security for some of the smaller, inhouse apps where I work. For the larger apps I use programmatic security.
Because of this, I don't really know all the ins and outs of form based authentication.

Someone else might.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Switch back to Http from Https