Announcement Announcement Module
No announcement yet.
Best way to check for https Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Best way to check for https

    I am using apache/jboss, and I have just configured apache for ssl. I can now access my web app pages either using http or https.
    Obviously, for pages that need to be secure, I need to make sure that they are accessed via https and not http.
    The only way I can see to do this is to write an interceptor which examines the requestURL and checks to make sure it starts with https.
    I guess this would work, but it feels like a bit of a kludge.
    Is there a better way?
    Sorry this isn't a very 'spring' question - I'm not sure where else to ask.

  • #2
    There is a feature in the Acegi Framework that ensures that any URLs you determine to be https will be redirected to HTTPS if they are accessed via http.

    The javadoc for the class is here:

    The reference page is here:


    • #3
      I plan to look further at Acegi when I have time . . .
      In the meantime it's pointed me in the right direction - the isSecure() method of ServletRequest is what I'm looking for.