posted 20 years ago
I am trying to create a web application where users are forced to use SSL to logon but are then taken back to a non SSL page when the user logs out. I can force pages to be SSL only without problem by setting a transport-gurantee for the pages to CONFIDENTIAL in the web.xml. I thought I might be able to get the page to be forced not to be SSL by using a transport guarentee of NONE, but this doesn't seem to work. Does anyone have any ideas as to how I might achieve this without having to rewrite URLs as part of my code?