Win a copy of The Way of the Web Tester: A Beginner's Guide to Automating Tests this week in the Testing forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Partially secure web applications ... HOW TO?

Jeevan Sunkersett
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I have developed a j2ee application, deployed on jboss and fronted it with a Apache 2.2 server (using mod_jk)

So all requests on Apache, are served by jboss running on port 8080.

For security, I generated a SSL certificate and applied it to Apache, using mod_ssl.

But this has rendered my complete application secure and accesible only by https.

But I wish my java application, to be presented similar to
This applcation allows users to search flights and and add them to a shopping cart. All of this over http.
Only when the user, does a checkout, he/ she is served content over https, but there is no change to the url seen in the browser, except for http becoming https.

I feel such a behaviour is managed by the web server (and not the java application or the application server), using some thing like url rewriting or similar, so this post.

Am I right?
Any help or tips on how to achieve the above will be greatly appreciated.

  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic