Best way to check for https

**cmgharris** · Oct 4th, 2004, 07:08 AM

I am using apache/jboss, and I have just configured apache for ssl. I can now access my web app pages either using http or https.
Obviously, for pages that need to be secure, I need to make sure that they are accessed via https and not http.
The only way I can see to do this is to write an interceptor which examines the requestURL and checks to make sure it starts with https.
I guess this would work, but it feels like a bit of a kludge.
Is there a better way?
Sorry this isn't a very 'spring' question - I'm not sure where else to ask.

**Scott Battaglia** · Oct 4th, 2004, 07:21 AM

There is a feature in the Acegi Framework that ensures that any URLs you determine to be https will be redirected to HTTPS if they are accessed via http.

The javadoc for the class is here: http://www.monkeymachine.co.uk/acegi...ingFilter.html

The reference page is here:
http://www.monkeymachine.co.uk/acegi...urity-channels

**cmgharris** · Oct 4th, 2004, 09:33 AM

I plan to look further at Acegi when I have time . . .
In the meantime it's pointed me in the right direction - the isSecure() method of ServletRequest is what I'm looking for.

Thanks

Thread: Best way to check for https

Thread Tools

Display

Best way to check for https

Similar Threads

How to check errors for a form field?

Check out from CVS problems

how can I check conflicts on updating?

Does Ageci check session is user is logged in?

SimpleFormController security check

Posting Permissions