Enabled SSL, but how to prevent "HTTP:`\\xxxx"

Hello.
We have implemented SSL on IBM Http-server and Websphere applicaton server.
When we use "HTTPS:\\xxxxx" everything looks fine and we can se that the
certificate is used, the lock-icon on the browser and so on.
The problem is that we can still link to the application with "HTTP:\\xxxx" (unsecured).
How can we prevent this access ?
actions on the web-server ?
actions on the application server ?
actions on the deployment description ?)
[ September 30, 2003: Message edited by: Eskil Lind ]

Try looking at the transport-guarantee option on security-constraint in your web.xml...

Seems like I can solve this by editing the "Virtual host"-setting in WebSphere Application Server. I tried to set the only valid Virtual host to be "*:443". 443 is the SSL-port.
==> This worked fine. All "HTTP:\\xxx" was rejected.
Another challenge is that my application will call some static HTML-sites on the internet (new pop-up windows) with an ordinary "HTTP:\\xxxx"-kommand.
==> this was still possible
I have now accomplished to only allow HTTPS (SSL) to enter my application, and still my application can reach the outside world with "HTTP".