Win a copy of Java Concurrency Live Lessons this week in the Threads forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Http to Https conversion  RSS feed

 
sreedhar lak
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello All,
How can we make a site as https i.e., secured one.
I know using SSL we can do but not that much.
Please give me some example code....
thanks a lot
 
Marcelo Ortega
Ranch Hand
Posts: 528
Eclipse IDE Hibernate Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi sreedhar,

Assuming you are using Java's Servlet technology model, you can create security constraints in the deployment descriptor, along with specifying whether the data should be transported keeping it confidential (encripted)(HTTPS) and/or integral (cannot be tampered with).

In some cases your web container must be configured to support https.
Search google for details.

hth.
Regards.
 
kwame Iwegbue
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This topic can be a little tricky so I recommend reading this in a good book like moreservlets by marty hall. or even better, just review chapters 7 and 8 in pdf on the web site - www.coreservlets.com

But basically there are 2 ways
1. Declarative security, in which you configure your applications web.xml and the containers' users file. Then essentially the server takes care of implementing authentication, access restriction and SSL as defined by you. This is easier but suffers from lack of portability, as the process varies for different servers.

2. Programatic security in which some or all of the security is handled by you. this is more portable but requires more work.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!