• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

HTTPS back to HTTP( Sorry, Try again)

 
Mark Chen
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi everyone,
I have a problem with HTTPS and HTTP in my servlet & JSP development.
In my project I have one servlet which takes all user' request and then transfers to different JSP according the user'request.
When users first access this web they will get the login page. After typing the necessary data users submit this login request. This request will be sent to the server via HTTPS. I did this by forcing <FORM ACTION="https://localhost:8443/...> in my login page.
When the servlet receives this request, it will process it(verify the user name & password) and then transfer the request to some JSPs. The basic logic looks like:
doPost(request, response) {
// get parameters from request
// call other server for verification
If successful
dispatcher = request.getRequestDispatcher("/jsp/success.jsp");
Else
dispatcher = request.getRequestDispatcher("/jsp/fail.jsp");
dispather.forward(request, response);
}
What I expect here is the request of submitting login is via HTTPS but after the verification everything should go back to HTTP(No SSL any more).
But I found after I submit the login request via HTTPS everything becomes HTTPS. The problem I have is how I can go back to HTTP after the login data is received vai HTTPS.
My servlet container is TOMCAT 4.0.
I apprecaite if any one could give me some help.
Thanks,
Mark
 
Michael Yuan
author
Ranch Hand
Posts: 1427
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You should consider using response.sendRedirect(url) and give the full URL string (with http://)
Using absolute URLs is not a good idea if you want to deploy your application to many servers. But you can always have a HTTP/HTTPS policy configure file and have a wrapper method to encode all the relative URLs to absolute ones at runtime according the policies.
 
Mike Curwen
Ranch Hand
Posts: 3695
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Michael Yuan hinted at "the better" solution, and here's an article I read a month ago that has a really good summary of the issues involved (and some code!)

http://www.javaworld.com/javaworld/jw-02-2002/jw-0215-ssl_p.html
 
Mark Chen
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Michael, Mike:
Thanks for your suggestion and information. I would try agian and see what I could get.
Mark
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic