jsf - How to force only one page to open with SSL? -

-

in project, using ssl works pages.i want use login page, after page should revert http protocol. how can that? found way below, not work.

    <security-constraint>     <web-resource-collection>         <web-resource-name>notify page, accessed internally application</web-resource-name>         <url-pattern>/login.xhtml</url-pattern>     </web-resource-collection>     <user-data-constraint>         <transport-guarantee>confidential</transport-guarantee>     </user-data-constraint> </security-constraint>  <security-constraint>     <web-resource-collection>         <web-resource-name>entire site</web-resource-name>         <url-pattern>/*</url-pattern>     </web-resource-collection>     <user-data-constraint>         <transport-guarantee>none</transport-guarantee>     </user-data-constraint> </security-constraint>

my project jsf 2.0 project, using eclipse helios , tomcat 7.0.

thanks.

that's not possible. when session created https request, not available http requests. best bet create non-secure cookie during login , maintain login instead.

map<string, object> properties = new hashmap<string, object>(); properties.put("secure", false); externalcontext.addresponsecookie(name, value, properties);

but think once again this, what's point of https login then? if go http after https , want keep user logged-in, you're required set session cookie unsecure. way hackers still able sniff session id in cookie session fixation hack. login on https prevent hackers learn actual username/password, has no point anymore once hacker figures session id in cookie.

i'd say, forget switch , stick https time after login.


Comments

Post a Comment

Popular posts from this blog

c# - how to write client side events functions for the combobox items -

-
<dx:aspxcombobox id="aspxcombobox2" runat="server" clientidmode="autoid" selectedindex="-1" onselectedindexchanged="aspxcombobox1_selectedindexchanged1" > <clientsideevents selectedindexchanged="function(s, e) { grid.selectrows();}" /> <items> <dx:listedititem text="selecte rows" /> <dx:listedititem text="unselectall" /> </items> </dx:aspxcombobox> i want write event "unselect all" item in combobox. how can this? you'll need write javascript function iterates thru combo-box , marks selected items false. see select/unselect checkbox fields using pure javascript , html sample code msdn:
Read more

exception - Python, pyPdf OCR error: pyPdf.utils.PdfReadError: EOF marker not found -

-
pypdf throws exception: pypdf.utils.pdfreaderror: eof marker not found i don't need fix pypdf, need eof error cause "except" block execute , skip on file, doesn't work. still causes program stop running. background: batch ocr program pdfs python, pypdf, adobe pdf ocr error: unsupported filter /lzwdecode ... saga continues. i got 10,000 pdfs in folder. ocrd, not. can't tell 'em apart. step 1 figure out ones not ocrd , ocr (see other threads details). so i'm using pypdf. exceptions related unrecognized characters , unsupported filters when try read text. guestimated if throws exception, it's got text in , doens't go in list. problem solved, right? so: pypdf import pdffilewriter, pdffilereader import sys, os, pypdf, re path = 'c:\users\homer\documents\my pdfs' filelist = os.listdir(path) has_text_list = [] does_not_have_text_list = [] pdf_name in filelist: pdf_file
Read more