Best way of providing your website over https

Hi all,

I'm using JBoss 4.0.x for my website. I would like to know the recommended way of providing https access to my site. I would like to have something like a link called "secure version" on the sidebar of all pages, and when the user clicks on it, the rest of his session is using https by default. How can I do that?

Also, I have enabled CONFIDENTIAL transport for URLs beginning with 'secure' on my site. The problem is that once you go into https, the rest of the session continues in it (it doesn't come back to http even if you browse to a URL that doesn't contain 'secure') How can I fix this one?

Thanks,
_steve.

I fogot to mention one more requirement - if a user accesses a URL with https directly (a bookmark, for eg) then that entire session should continue in https.

Thanks,
_steve.

Hey Ranchers,
Anybody got an answer to the question asked ? PLease let me also know.

I recently faced an interview with a software company. Though I am currently developing on JSP/Servlets and Tomcat.

However in the interview, I was asked a question as to how I would make transactions on my website secure implementing the same technologies.

I was really clueless coz I had no idea.

Could anyone please enlighten me ?

Thanks