How do I force JSP page references to use the HTTPS rather than HTTP protocol? It seems that using <jsp:forward .../>, for instance, prohibits me from specifying the https:// protocol explicitly in the reference (e.g., <jsp:forward page="https://..."/> is not allowed).
As far as using HTTPS rather than HTTP for JSP references, this it typically handled by the web server being used in "front" of the servlet container your JSP is running in. If the http server has encryption enabled, all JSP (as well as HTML, images, etc) requests made to that server will be encrypted to/from the user's browser. There doesn't really need to be anything done by the JSP. The exception to this would be any absolute HTML links in the JSP file (note that relative and server-relative links are ok).