This week's book giveaway is in the Jython/Python forum.
We're giving away four copies of Murach's Python Programming and have Michael Urban and Joel Murach on-line!
See this thread for details.
Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Enforcing SSL for login page only  RSS feed

 
Daniel Walker
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all

I'm currently using J2EE realms with a transport guarantee of "CONFIDENTIAL" to force SSL for my login pages. However, I'd like to switch back to regular HTTP once this has completed, and I can't work out how to do it.

Even if I try to access an area I have previously authenticated to with a HTTP (rather than HTTPS) URL, it just places me into SSL mode automatically.

The area which requires authentication is a subdirectory off from the root of the webapp - the authentication requires login before accessing anything beneath this subdirectory.

Anything blatant I'm missing here?

Regards

Dan Walker
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!