Postby phillipuniverse » Fri Aug 31, 2012 10:06 am
Can you verify that this snippet is in applicationContext-security.xml:
Code: Select all
<!-- Specify these URLs as requiring HTTPS to encrypt user data -->
<sec:intercept-url pattern="/register*" requires-channel="https" />
<sec:intercept-url pattern="/login*/**" requires-channel="https" />
<sec:intercept-url pattern="/account/**" access="ROLE_USER" requires-channel="https" />
<sec:intercept-url pattern="/checkout/**" requires-channel="https" />
<sec:intercept-url pattern="/confirmation/**" requires-channel="https" />
The Broadleaf forums are being retired as a readonly archive of questions. For active discussions and questions, check out the
broadleaf-commerce tag on Stack Overflow which is actively monitored by the Broadleaf team.