登录页面使用HTTPS协议,登录成功跳转到个人中心使用HTTP协议,用的是Tomcat7.0,
我指定登录页面必须是使用HTTPS协议,用了Shiro框架,重定向方法是这样的:@Override
protected boolean executeLogin(ServletRequest request,
ServletResponse response) throws Exception {
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
AuthenticationToken token = createToken(request, response);
LOG.info("token:"+token);
try {
Subject subject = getSubject(request, response);
LOG.info("isRemembered: " + subject.isRemembered());
subject.login(token);
httpServletResponse.sendRedirect("http://192.168.8.262/shiroHttps/center.html");
return onLoginSuccess(token, subject, request, response);
} catch (AuthenticationException e) {
return onLoginFailure(token, e, request, response);
}
}
Tomcat请求响应是这样的:https://192.168.8.262/shiroHttps/login.html页面登录进入http://192.168.8.262/shiroHttps/center.html,但是http://192.168.8.262/shiroHttps/center.html变为了https://192.168.8.262/shiroHttps/center.html,我想了下,是因为必须要交互页面都为https才能进行传输吗!?我想知道在传输值得情况下怎么样从HTTPS访问到HTTP页面!谢谢了!
