I am using SSL on a web page where a customer makes a purchase. The page itself displays the proper insignia of an SSL connection. However, when my
servlet makes a response, I do not see the SSL insignia. I fear that I am missing something, or that I am not maintaining an SSL connection throughout the process.
When the browser displays my page, purchase.html, it indicates that an SSL connection has been made: 1) the name of my site appears in the url line, and 2) the padlock symbol appears in the lower right corner of the browser. If I hover the cursor over either the url prefix or the padlock, I see the message “verified by GeoTrust”. So this looks good.
The customer presses the Submit button, and the page does a post, calling my servlet with an https url. The servlet understands what the page sends, and responds with html code. But I do not see the SSL insignia in the response page. I see “https” in the url, and the full url call to the servlet:
https://www.mysite.com/MyProject/MyPackage/MyServlet
But I do not see the name of my site prefixing the url, and the padlock in the lower right is broken. If I cursor hover over the padlock, I get the message “warning: contains unauthenticated content”.
If I press the back page button of the browser at this point, I return to purchase.html, and it shows the proper insignia of an SSL connection. I press the Submit button again, and my servlet responds with an https url, but without the insignia.
I am concerned that I am losing the encrypted connection when sending a servlet response. The response does not contain any confidential information. But I do not like the disappearance of the insignia.
Is this normal behavior, or is there a lapse in the SSL connection? If this is a lapse, what must I do to make the servlet response show that it is truly SSL encrypted and verified? I don’t think that I need to see
Java code at this point. I think that I need some higher level guidance on what I should be doing to maintain SSL throughout the purchase process.
Thanks again for all your help,
Josef