How can I know if the request to the servlet was executed using HTTP or HTTPS?

by

HttpSerlvetRequest.isSecure() is the answer. The ServletContainer is responsible for returning true in the following cases:

  • If the ServletContainer can itself accept requests on https.
  • If there is a LoadBalancer in front of ServletContainer. And , the LoadBlancer has got the request on https and has dispatched the same to the ServletContainer on plain http. In this case, the LoadBalancer sends X-SSL-Secure : true header to the ServletContainer, which should be honored.

The Container should also make this request attributes available when the request is received on https:

  • javax.servlet.http.sslsessionid
  • javax.servlet.request.key_size
  • javax.servlet.request.X509Certificate

More Related Contents:

  1. Trusting all certificates using HttpClient over HTTPS
  2. Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?
  3. Accept server’s self-signed ssl certificate in Java client
  4. Java: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  5. Java HTTPS client certificate authentication
  6. why doesn’t java send the client certificate during SSL handshake?
  7. How to fix the “java.security.cert.CertificateException: No subject alternative names present” error?
  8. How to handle invalid SSL certificates with Apache HttpClient? [duplicate]
  9. Simple Java HTTPS server
  10. SSLHandshakeException: No subject alternative names present
  11. HttpGet with HTTPS : SSLPeerUnverifiedException
  12. How to force java server to accept only tls 1.2 and reject tls 1.0 and tls 1.1 connections
  13. Problems connecting via HTTPS/SSL through own Java client
  14. Java and HTTPS url connection without downloading certificate
  15. Whats an easy way to totally ignore ssl with java url connections?
  16. How to do an HTTPS POST from Android?
  17. Enabling specific SSL protocols with Android WebViewClient
  18. Java SSLException: hostname in certificate didn’t match
  19. javax.net.ssl.SSLException: SSL handshake aborted Connection reset by peer while calling webservice Android
  20. Android SSL HttpGet (No peer certificate) error OR (Connection closed by peer) error
  21. Allowing Java to use an untrusted certificate for SSL/HTTPS connection
  22. why business logic should be moved out of JSP?
  23. Should I close the servlet outputstream? [duplicate]
  24. What is the use of filter and chain in servlet?
  25. sending variable from one jsp to another jsp
  26. How to access a request attribute set by a servlet in JSP?
  27. Pass data from Java Servlet to JSP? [duplicate]
  28. Maven: resource binary changes file size after build
  29. Session TimeOut in web.xml
  30. Logging response body (HTML) from HttpServletResponse using Spring MVC HandlerInterceptorAdapter

Leave a Comment