r***@ibsplc.com
2005-07-11 07:30:34 UTC
Hi
I am using websphere 5.1 . I need to have my login page with HTTPS and rest with HTTP , i tried by providing the
CONFIDENTIAL and NONE in <transport-guarantee> <transport-guarantee.
Now the login is happen with HTTPS, but the switching from HTTPS to HTTP is not happening
here is the code i had written in we.xml
Do i have to use HTTP Server or Websphere Portal for implementing this. Or is it possible with WAS itself.
<security-constraint>
<web-resource-collection>
<web-resource-name>OrderInventory</web-resource-name>
<description>OrderInventory</description>
<url-pattern>/login.html</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<description>SSL required</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>OrderInventory</web-resource-name>
<description>OrderInventory</description>
<url-pattern>/secure/*.html</url-pattern>
<url-pattern>/secure/view.html</url-pattern>
<url-pattern>/secure/order.html</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<description>SSL not required</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
Thanks in Advance
Rajesh Kartha
I am using websphere 5.1 . I need to have my login page with HTTPS and rest with HTTP , i tried by providing the
CONFIDENTIAL and NONE in <transport-guarantee> <transport-guarantee.
Now the login is happen with HTTPS, but the switching from HTTPS to HTTP is not happening
here is the code i had written in we.xml
Do i have to use HTTP Server or Websphere Portal for implementing this. Or is it possible with WAS itself.
<security-constraint>
<web-resource-collection>
<web-resource-name>OrderInventory</web-resource-name>
<description>OrderInventory</description>
<url-pattern>/login.html</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<description>SSL required</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>OrderInventory</web-resource-name>
<description>OrderInventory</description>
<url-pattern>/secure/*.html</url-pattern>
<url-pattern>/secure/view.html</url-pattern>
<url-pattern>/secure/order.html</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<description>SSL not required</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
Thanks in Advance
Rajesh Kartha