2 Replies Latest reply: Feb 21, 2008 8:13 AM by 807581 RSS

    https - glassfish

    807581
      Hi

      I want to know how to make an application in ee5 + glassfish run in https.
      I need https only for the login page and after that i need it to be http.
      I understood from many sites that by adding this piece of code in web.xml under security constraint,https should be enabled.
      <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
      but what happens is , whether this code is included or not, i am able to run my application using https.

      Thanks in advance.
        • 1. Re: https - glassfish
          807581
          Putting

          <user-data-constraint>
          <transport-guarantee>CONFIDENTIAL</transport-guarantee>
          </user-data-constraint>

          Will ensure that the URL's protected by auth-constraint cannot be accessed using HTTP, it would then cause a redirect and require https..

          But if you are already using https then it will work even if you do not specify the above.


          Can you please switch over to the GlassFish Forums https://glassfish.dev.java.net or email to users@glassfish.dev.java.net

          Thanks.
          • 2. Re: https - glassfish
            807581
            thanks. i ve posted my new question in glassfish forum. but it will be helpful if you could help with it too.
            i want to know how to make the login page alone https and then switch back to http for the other pages. The user data constraint when applied for the login page alone has no effect. It still applies the constraint for the whole application.

            Thanks in advance.