You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Michael Wilimsky <mi...@frankendata.de> on 2001/04/26 10:16:27 UTC

http to https redirect

hi!

i have the following problem:

i am using struts and its template mechanism (template-taglib) in my
index.jsp:

<mytags:initapp/>

<template:insert template='<%= (String) session.getAttribute("layout") %>'>
  <template:put name="header" content='<%= (String)
session.getAttribute("header") %>'/>
  <template:put name="content" content='<%= (String)
session.getAttribute("content") %>'/>
  <template:put name="footer" content='<%= (String)
session.getAttribute("footer") %>'/>
</template:insert>

as one can see, i put some "logic" names for logic content in my
sessioncontext used by a layout.jsp file

all i do in my webapplication is to switch the "content"-.jsp file depending
on user-input... occasionally changing the "header" or "footer"...

in my index.jsp i added a custom tag: <mytags:initapp/>
it performs initial Database-Settings and i also tried to put in the
security switch dpending on my current "content"-filename...

what i want to do now is to turn security on for certain webcontents, e.g
when the "content"-jsp is set to login.jsp where the security-relevant
user/password info is sent over the net...

i configured tomcat for SSL on port 7573

the source for my initapp-tag contains:

    String server = ((HttpServletRequest)
pageContext.getRequest()).getServerName();
    String contextPath = ((HttpServletRequest)
pageContext.getRequest()).getContextPath();
    String servletPath = ((HttpServletRequest)
pageContext.getRequest()).getServletPath();
    boolean issecure = ((HttpServletRequest)
pageContext.getRequest()).isSecure();
    if (content.equals("login.jsp") && !issecure)
    {
      String secure = "https://"+server+":"+7573+contextPath+servletPath;
      HttpServletResponse response = (HttpServletResponse)
pageContext.getResponse();
      try
      {
        response.sendRedirect(response.encodeRedirectURL(secure));
        return (SKIP_PAGE);
      }
      catch (Exception e)
      {
        System.err.println(e);
      }
    }

but the browser canĀ“t handle the switch to https somehow and tells something
about "cannot open site... a security problem occurred...

how can i perform a switch between http://myhost:8080/myapp/index.jsp and
https://myhost:7573/myapp/index.jsp?????

please help....

thanx

michy