Hello forum;
Using Glassfish v2-ur2. Created a Servlet Filter to listen to all requests (pattern /*). The Webapplication has some secured resources (requires role xy), Form-Based Auth is configuread with a login page.
<br/><br/>
I am not logged in;
when i call the secured resource over <b>http</b> the servlet filter catches the request (the request targets the login page).<br/>
when i call the same resource over <b>https</b> the server sends my to the login page <b>without passing by ServletFilter</b>.
<br/><br/>
Is there a reason for this? Can this be configured, or is this a bug in Glassfish?
<br/><br/>
Thanks for any hints...
Ivo
[Message sent by forum member 'jdrive' (jdrive)]
http://forums.java.net/jive/thread.jspa?messageID=318605