0

Lets say i have a jsp page which invokes a servlet. Now I want the servlet to forward this request to someother secured jsp page which i have configured to be secured in my web.xml.

The problem is the jsp pages opens as secured if I open it directly from the address bar of my browser. But it doesnt open securely if the servlet forwards to that jsp page. Why is that?

2
Contributors
2
Replies
3
Views
7 Years
Discussion Span
Last Post by karanits
0

AFAICT, the container has no way of knowing that it has to switch to HTTPS given that the forwarding happens within the code executing on the server. A resource is just a resource and by itself, it has no way of knowing whether it has to be served over a normal channel or a secure channel. Also, I think the configuration placed in the web.xml which relates to external requests made by the client and not internal forwards done.

Instead of doing a forward, try redirecting to that resource. It if still doesn't work, post your web.xml configuration along with the relevant piece of code you are using.

Edited by ~s.o.s~: n/a

0

Thanks for the reply. I know I can do redirection instead of forward. I had tested it before and it works.

But i had to set some request attributes in the servlet and use it in the secured JSP.

Now i will have to set attributes in session instead. I was vary of setting to much session attributes, that's why I was thinking of a workaround.

Edited by karanits: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.