?
Solved

Automatically redirect on SSL port?

Posted on 2004-08-24
2
Medium Priority
?
656 Views
Last Modified: 2013-12-10
Two part question

Part 1:
Using Websphere, how do I automatically switch or redirect to the SSL port.
For example if a user types in http://www.mydomain.com/secure/login.jsp , I would like the server to automatically switch the request to https://www.mydomain.com/secure/login.jsp.

Part 2:
Once in https I would like to have a link (relative to the domin) (ie <a href="../products.jsp"> click here </a>) such that it will use http instead of https.

TIA
0
Comment
Question by:yoshir
2 Comments
 
LVL 4

Accepted Solution

by:
pluim earned 1000 total points
ID: 11886926
There are several options:

1. Set up the IBM HTTP Server (that sits in front of WAS) to redirect any requests. See http://www.sitepoint.com/forums/showthread.php?t=139605 for details.
Just change the "dir" in RewriteCond %{REQUEST_URI} ^/dir.*$ to "secure", and any page under /secure will be forced to https

2. Set up two virtual hosts, one for port 80 and one for port 443. Redirect any requests for pages under /secure coming into the virtual host on port 80 to https.
See post 5: http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=909cse%24105e%241%40news.software.ibm.com&rnum=3&prev=/groups%3Fq%3DIHS%2520redirect%2520http%2520https%26hl%3Den%26lr%3D%26ie%3DUTF-8%26sa%3DN%26tab%3Dwg

3. Modify the login.jsp to detect the protocol and do the redirect there via Javascript. See http://www.experts-exchange.com/Web/Web_Servers/IIS/Q_20757759.html. Obviously, you'll have to include the Javascript in every page that you want to force into https.

The Javascript option helps with the second part. You can't change protocols through relative links, and using fully qualified URLs is a poor solution because of maintenance. You're better off by using Javascript in your products.jsp file as described in the PAQ above:

<SCRIPT LANGUAGE="JavaScript">
if (location.protocol != 'http:'){
     window.location= 'http://' + location.host + location.pathname + location.search
}
</SCRIPT>

Why would you want to drop out of SSL though? Once the connection has been set up, the encryption/ decryption overhead is minimal. Switching protocols can also give those annoying pop-up warnings you're about to leave a secure connection.
0
 

Author Comment

by:yoshir
ID: 11896379
plumin

I changed the rewrite rule by qualifying it more and took out the conditions. I applied a similar rule in the 443 virtual host to go from https to http when the link was back at the root (no longer in /secure)

Thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

-Xmx and -Xms are the two JVM options often used to tune JVM heap size.   Here are some common mistakes made when using them:   Assume BigApp is a java class file for the below examples. 1.         Missing m, M, g or G at the end …
This article is about some of the basic and important steps to be used to improve the performance in web-sphere commerce application development. 1) Always leverage the Dyna-caching facility provided by the product 2) Remove the unwanted code …
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question