I have a web application which must run entirely using https. I've successfully configured a security constaint and role for this.
I also need a portion of the web application to have restricted access using a form based login, which I know how to do as well.
But how do I configure a single web application to use both? Do I use 2 security constraints? ... or 1 security constraint and 2 resource collections?
I've tried many combinations but can't get the 2 methods to work simultaniously with different URL
patterns and roles. Using the same url and role, it works fine.
Any ideas? Do I need to divide my app. into 2 apps.?
Thanks, Jason