{
StringBuffer url = new StringBuffer(link);
String contextPath = request.getContextPath();
SecurePlugInInterface securePlugin = (SecurePlugInInterface)app.getAttribute(SecurePlugInInterface.SECURE_PLUGIN);
if (securePlugin.getSslExtEnable() &&
url.toString().startsWith(contextPath))
{
// Initialize the scheme and ports we are using
String usingScheme = request.getScheme();
String usingPort = String.valueOf(request.getServerPort());
// Get the servlet context relative link URL
String linkString = url.toString().substring(contextPath.length());
// See if link references an action somewhere in our app
SecureActionConfig secureConfig = getActionConfig(request, app, linkString);
// If link is an action, find the desired port and scheme
if (secureConfig != null &&
!SecureActionConfig.ANY.equalsIgnoreCase(secureConfig.getSecure()))
{
String desiredScheme = Boolean.valueOf(secureConfig.getSecure()).booleanValue() ?
HTTPS : HTTP;
String desiredPort = Boolean.valueOf(secureConfig.getSecure()).booleanValue() ?
securePlugin.getHttpsPort() : securePlugin.getHttpPort();
// If scheme and port we are using do not match the ones we want
if (!desiredScheme.equals(usingScheme) ||
!desiredPort.equals(usingPort))
{
url.insert(0, startNewUrlString(request, desiredScheme, desiredPort));
// This is a hack to help us overcome the problem that some
// older browsers do not share sessions between http & https
// If this feature is diabled, session ID could still be added
// the previous call to the RequestUtils.computeURL() method,
// but only if needed due to cookies disabled, etc.
if (securePlugin.getSslExtAddSession() && url.toString().indexOf(";jsessionid=") < 0)
{
// Add the session identifier
url = new StringBuffer(toEncoded(url.toString(),
request.getSession().getId()));
}