Originally posted by pankaj semwal:
Hi
how to run servlet on a specific i m ruuning servlet on https 8443 port but it is also running on http 8080 port.so how could i restrict 8080 to work on that particular servlet
I guess, when you are trying to access the secured servlet through the http, you are being auto redirected to https.
And to achieve this, you may have put the transport guarantee to INTEGRAL or CONFIDENTIAL. Hence this is the correct behavior as this ensures that the communication between the client and the server is on SSL.
I think your other requirement is that of 'Authentication' or 'Client Identification'. For this you could impose a 'auth-constraint' on the servlet. This will ensure that the client is always authenticated and the communication is over SSL. It would also ensure that the client trying to access the servlet over http is not rejected and prompted to authenticate herself. This maybe desired as people tend to forget to put https instead of http in the address bar of browser.
If still you want to restrict any communication over http(even the initial redirect to https), the
you should follow the approach as Ulf suggested.
[ November 27, 2008: Message edited by: Satya Maheshwari ]