• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Enforcing SSL for login page only

Daniel Walker
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all

I'm currently using J2EE realms with a transport guarantee of "CONFIDENTIAL" to force SSL for my login pages. However, I'd like to switch back to regular HTTP once this has completed, and I can't work out how to do it.

Even if I try to access an area I have previously authenticated to with a HTTP (rather than HTTPS) URL, it just places me into SSL mode automatically.

The area which requires authentication is a subdirectory off from the root of the webapp - the authentication requires login before accessing anything beneath this subdirectory.

Anything blatant I'm missing here?


Dan Walker
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic