• Post Reply Bookmark Topic Watch Topic
  • New Topic

Security issue  RSS feed

 
Ranch Hand
Posts: 41
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
I had a security related problem in <user-auth-constraint> tag please help out.
When I place either CONFIDENTIAL/INTEGRAL in <tranport-guarantee> tag the browser displays error "page cant be displayed".
My web.xml is :


<?xml version="1.0" encoding="UTF-8"?>

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">

<welcome-file-list>
<welcome-file>
index.jsp
</welcome-file>
</welcome-file-list>
<security-role>
<role-name>manager</role-name>
</security-role>


<security-constraint>
<web-resource-collection>
<web-resource-name> tipu </web-resource-name>
<url-pattern>/*</url-pattern>
<http-method> GET </http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL </transport-guarantee>
</user-data-constraint>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>


</security-constraint>

<login-config>
<auth-method>BASIC</auth-method>
</login-config>

</web-app>



And I am using Java5,netbeans 5.5.1,tomcat 5.5 and j2ee1.4. Thanks in advance. Cheers !!!
 
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Night,

You have to create a (self-signed) certificate to make SSL work. You also have to configure some file in Tomcat (if that's what you're using).

Google for it - on tomcat's website it is explained very well.
 
Sheriff
Posts: 14691
16
Eclipse IDE Ubuntu VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"night fox",
Welcome to the ranch. You may not be aware of the ranch Naming Policy. Please read it carefully and change your name accordingly (obviously fake names are not allowed). Thank you.
 
Abhijit Rai
Ranch Hand
Posts: 41
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Jan,
Got it now .It really is pretty straight forward .There are 2 steps as Jan prophesied

1.Create a certificate keystore by executing the following command:
Windows:
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
Unix:
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA

and remember to specify a password value as "changeit"(only for tomcat).

2.Add

<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />

in server.xml present in %catalina-home%\conf\
.
 
author & internet detective
Marshal
Posts: 37698
575
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"abhijit.r",
You are getting closer to following the naming policy now, but not quite there yet. Please use a space rather than a dot to separate first name and last name. Also, we do not allow an initial for the last name.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!