I have developed a j2ee application, deployed on jboss and fronted it with a Apache 2.2 server (using mod_jk)
So all requests on Apache, are served by jboss running on port 8080.
For security, I generated a SSL certificate and applied it to Apache, using mod_ssl.
But this has rendered my complete application secure and accesible only by https.
But I wish my java application, to be presented similar to http://www.makemytrip.com This applcation allows users to search flights and and add them to a shopping cart. All of this over http.
Only when the user, does a checkout, he/ she is served content over https, but there is no change to the url seen in the browser, except for http becoming https.
I feel such a behaviour is managed by the web server (and not the java application or the application server), using some thing like url rewriting or similar, so this post.
Am I right?
Any help or tips on how to achieve the above will be greatly appreciated.
subject: Partially secure web applications ... HOW TO?