One way to force servlets to go down the https path is to define your web server to only allow secure connections when accessing servlets. In IIS this can be accomplished through the definition if ISAPI filters. The ISAPI filter can instruct the web server to route all requests that end with a pre-defined prefix to the servlet engine. The trick is to then define files, with the predefined extension, in the web servers directory. For example, if the servlet's name is MyServlet a file with the name MyServlet.xxx would be placed on the web server. All calls to this file would be routed to the servlet engine. And IIS would be used to force all calls to the MyServlet.xxx file to go through https. The JRun servlet engine has examples of how to do this documented on their web page.

Is this item helpful?  yes  no     Previous votes   Yes: 1  No: 0

Comments and alternative answers

Tomcat supports SSL, either through Apache, or on its... Alex Chaffee PREMIUM, Jun 21, 2000 Tomcat supports SSL, either through Apache, or on its own (currently in an unstable state, though it should work in time for the next major release). Is this item helpful?  yes  no     Previous votes   Yes: 1  No: 0

Does anybody know how to do that for Apache/JServ ?... Victor Stratan, Oct 26, 2000 Does anybody know how to do that for Apache/JServ ? [Yes, see the Tomcat documentation web site. -A] Is this item helpful?  yes  no     Previous votes   Yes: 0  No: 0