Solved

Automatically redirect on SSL port?

Posted on 2004-08-24
2
645 Views
Last Modified: 2013-12-10
Two part question

Part 1:
Using Websphere, how do I automatically switch or redirect to the SSL port.
For example if a user types in http://www.mydomain.com/secure/login.jsp , I would like the server to automatically switch the request to https://www.mydomain.com/secure/login.jsp.

Part 2:
Once in https I would like to have a link (relative to the domin) (ie <a href="../products.jsp"> click here </a>) such that it will use http instead of https.

TIA
0
Comment
Question by:yoshir
2 Comments
 
LVL 4

Accepted Solution

by:
pluim earned 250 total points
ID: 11886926
There are several options:

1. Set up the IBM HTTP Server (that sits in front of WAS) to redirect any requests. See http://www.sitepoint.com/forums/showthread.php?t=139605 for details.
Just change the "dir" in RewriteCond %{REQUEST_URI} ^/dir.*$ to "secure", and any page under /secure will be forced to https

2. Set up two virtual hosts, one for port 80 and one for port 443. Redirect any requests for pages under /secure coming into the virtual host on port 80 to https.
See post 5: http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=909cse%24105e%241%40news.software.ibm.com&rnum=3&prev=/groups%3Fq%3DIHS%2520redirect%2520http%2520https%26hl%3Den%26lr%3D%26ie%3DUTF-8%26sa%3DN%26tab%3Dwg

3. Modify the login.jsp to detect the protocol and do the redirect there via Javascript. See http://www.experts-exchange.com/Web/Web_Servers/IIS/Q_20757759.html. Obviously, you'll have to include the Javascript in every page that you want to force into https.

The Javascript option helps with the second part. You can't change protocols through relative links, and using fully qualified URLs is a poor solution because of maintenance. You're better off by using Javascript in your products.jsp file as described in the PAQ above:

<SCRIPT LANGUAGE="JavaScript">
if (location.protocol != 'http:'){
     window.location= 'http://' + location.host + location.pathname + location.search
}
</SCRIPT>

Why would you want to drop out of SSL though? Once the connection has been set up, the encryption/ decryption overhead is minimal. Switching protocols can also give those annoying pop-up warnings you're about to leave a secure connection.
0
 

Author Comment

by:yoshir
ID: 11896379
plumin

I changed the rewrite rule by qualifying it more and took out the conditions. I applied a similar rule in the 443 virtual host to go from https to http when the link was back at the root (no longer in /secure)

Thanks
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

-Xmx and -Xms are the two JVM options often used to tune JVM heap size.   Here are some common mistakes made when using them:   Assume BigApp is a java class file for the below examples. 1.         Missing m, M, g or G at the end …
Verbose logging is used to diagnose garbage collector problems. By default, -verbose:gc output is written to either native_stderr.log or native_stdout.log.   It is also possible to redirect the logs to a user-specified file. This article will de…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question