Struts does not need a way to handle protocol issues because
J2EE takes care of that. When you want a url to be accessed only via https, you simply need to add a security constraint like the one below. The example below only shows one url-pattern being used, although you can declare several. The url
pattern can end in .jsp or .do or whatever else, including /*. When you specify a security constraint like the example below, the container will make only requests for the urls that match the url-patterns listed use the https protocol. All other urls will simply use http, and the protocol switching is forced and automatic.
If you look on the jakarta site, you can find information on something called sslext, which is an extension of Struts for protocol switching. Using this method, you can put elements in your struts config files that indicate that an action mapping should only be accessed via http or https. I think that
you should NOT use this method. Since J2EE has a standard method, I think you should use that instead of a Struts extension. If you want more information about sslext, you could search this forum for my member number and "sslext." I wrote a large post a few months ago about how to get it to work. Good luck.
Anthony W.<br />MCP, SCJP 1.4, SCJD, SCWCD 1.3, SCWCD 1.4, SCBCD