This week's book giveaway is in the OO, Patterns, UML and Refactoring forum.
We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line!
See this thread for details.
The moose likes Servlets and the fly likes How to turn off https once logged in? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Servlets
Bookmark "How to turn off https once logged in?" Watch "How to turn off https once logged in?" New topic
Author

How to turn off https once logged in?

Marcelo Ortega
Ranch Hand

Joined: May 31, 2005
Posts: 528

I am using this:

<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>

for a login page, but once logged i want to turn off https.

Any idea?

p.s, i'm using tomcat as the web container.


SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCJD, SCEA/OCMJEA

Live life to an interface, not an implementation!
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

An absolute link starting with 'http://...." will do it.

Just be aware, Tomcat creates separate sessions for secure and non secure connections so you will loose your session when you do this. Also, most browsers will whine with a popup if you force the user out of a secure session to a non-secure one.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
Marcelo Ortega
Ranch Hand

Joined: May 31, 2005
Posts: 528

Thanks Ben.
 
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
 
subject: How to turn off https once logged in?
 
It's not a secret anymore!