• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Switching between http and https in struts-config

 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm working on a webapp where some of the pages should be accessed through HTTPS and others through HTTP.

For example, login and registration need to be secure, but once the registration is done and we go to the user home page, we can go back to the nonsecure site.

All pages, secure and nonsecure, are being served by the same Tomcat instance.

I'm wondering about the best way to handle this in the struts config file. If you are allowed to put absolute URLS in a forward "path" attribute, that could be one solution, but it loses portability and that file has to be edited every time we want to deploy the app to another machine with another hostname.

To be more concrete, let's say we go to this page:
https://mysite.com/appname/login.do

The action contains multiple forwards, all of which will continue to be served by https since we started with an https url. But I want at least one of those forwards to return to the nonsecure site. (I also want to do the converse).

Anyone have some ideas on this?
Thanks
 
Ranch Hand
Posts: 107
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You will need to write a filter that will check to see if the page is using http or https. If the requested page is in a non-secure area, send a redirect to the user's browser with the corrected url. You can do the same going the other way from http to https.
reply
    Bookmark Topic Watch Topic
  • New Topic