• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Paul Clapham
  • Bear Bibeault
  • Jeanne Boyarsky
Sheriffs:
  • Ron McLeod
  • Tim Cooke
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Jj Roberts
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • salvin francis
  • Scott Selikoff
  • fred rosenberger

what triggers these two pop up windows ?

 
Ranch Hand
Posts: 162
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
1. the standard "security alert" windows. It shows "it can't be viewed by others, but it includes a security certificate. doy ou want to proceed ? choose "yes", "no", "view certificate". What triggers this ? how to turn it on/off ?

2. sometimes between html or JSP pages, it first pops up a small box asking if you want to "retry" or "cancel", if you click "retry" the next page shows up. what triggers this ? anyway to turn this off ?
 
Sheriff
Posts: 14691
16
Eclipse IDE VI Editor Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Concerning number 2, it is probably a page with a form that you are trying to refresh or re-submit (using the refresh button, or back button of the browser). It has to be dealt using the PRG Pattern. I'm not sure you can disable it with your browser.
 
Ranch Hand
Posts: 129
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i think no. 1is is about the security settings of the appilcation.. maybe uses ssl (https) not http.. you connection will be secured if you are in https than in ordinary http connection.. correct me if im wrong
 
Christophe Verré
Sheriff
Posts: 14691
16
Eclipse IDE VI Editor Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes, this is used by trusted sites.
An example is here:
http://www.nyc.gov/html/misc/html/secure.html
 
Author
Posts: 85
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ok, I think I know what is going on here...

First in plain English. Why do people trust passports? Because passports are authorized by governments. Imagine if I create a passport, sign it and say my buddy John authorized it! Could I get through the border? Not a chance because the border authorities have no idea who John is and whether or not he can be trusted.

When you use SSL you are using a combination of PKI, and symetric keys. The PKI is used for the initial secret key exchange. The problem though is how do you know that an SSL certificate is what it is supposed to be? The answer is that you don't and the SSL certificate needs to be signed. Signing the certificate means that the client and the server have contacted a single entity. The single entity is called a trusted authority. Thus when your browser contacts a server and is presented with an SSL certificate signed by the authority your browser will accept the signature of the authority because you have the verification information from the authority.

Where things get funny is if your browser does not have the signature of the signing authority. This is akin to being presented with a passport signed by John! Your browser alerts you and says, wait one minute here! Therefore to avoid the problems you can do two things. Ask the supplier of the certificate to get it properly signed. Or get a verification certificate from the authority and add it to your browser.

Ok?
[ February 22, 2006: Message edited by: Christian Gross ]
 
It's a pleasure to see superheros taking such an interest in science. And this tiny ad:
the value of filler advertising in 2020
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic