?
Solved

Automatically redirect on SSL port?

Posted on 2004-08-24
2
Medium Priority
?
651 Views
Last Modified: 2013-12-10
Two part question

Part 1:
Using Websphere, how do I automatically switch or redirect to the SSL port.
For example if a user types in http://www.mydomain.com/secure/login.jsp , I would like the server to automatically switch the request to https://www.mydomain.com/secure/login.jsp.

Part 2:
Once in https I would like to have a link (relative to the domin) (ie <a href="../products.jsp"> click here </a>) such that it will use http instead of https.

TIA
0
Comment
Question by:yoshir
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 4

Accepted Solution

by:
pluim earned 1000 total points
ID: 11886926
There are several options:

1. Set up the IBM HTTP Server (that sits in front of WAS) to redirect any requests. See http://www.sitepoint.com/forums/showthread.php?t=139605 for details.
Just change the "dir" in RewriteCond %{REQUEST_URI} ^/dir.*$ to "secure", and any page under /secure will be forced to https

2. Set up two virtual hosts, one for port 80 and one for port 443. Redirect any requests for pages under /secure coming into the virtual host on port 80 to https.
See post 5: http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=909cse%24105e%241%40news.software.ibm.com&rnum=3&prev=/groups%3Fq%3DIHS%2520redirect%2520http%2520https%26hl%3Den%26lr%3D%26ie%3DUTF-8%26sa%3DN%26tab%3Dwg

3. Modify the login.jsp to detect the protocol and do the redirect there via Javascript. See http://www.experts-exchange.com/Web/Web_Servers/IIS/Q_20757759.html. Obviously, you'll have to include the Javascript in every page that you want to force into https.

The Javascript option helps with the second part. You can't change protocols through relative links, and using fully qualified URLs is a poor solution because of maintenance. You're better off by using Javascript in your products.jsp file as described in the PAQ above:

<SCRIPT LANGUAGE="JavaScript">
if (location.protocol != 'http:'){
     window.location= 'http://' + location.host + location.pathname + location.search
}
</SCRIPT>

Why would you want to drop out of SSL though? Once the connection has been set up, the encryption/ decryption overhead is minimal. Switching protocols can also give those annoying pop-up warnings you're about to leave a secure connection.
0
 

Author Comment

by:yoshir
ID: 11896379
plumin

I changed the rewrite rule by qualifying it more and took out the conditions. I applied a similar rule in the 443 virtual host to go from https to http when the link was back at the root (no longer in /secure)

Thanks
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Upgrading Tomcat – There are a couple of methods to upgrade Tomcat is to use The Apache Installer is to download and unzip and run the services.bat remove|install Tomcat6 Because of the App that we are working with, we can only use Tomcat 6.…
There are numerous questions about how to setup an IBM HTTP Server to be administered from WebSphere Application Server administrative console. I do hope this article will wrap things up and become a reference for this task. You need three things…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question