I want to secure only certain pages of my application. I can do this using the security-constraint -> transport-guarantee within web.xml.

As I understand it the application server will force the use of SSL when transport guarantee is CONFIDENTIAL. Is there a way to force HTTP (non-SSL) for the remainder of the application.