• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Realms and SSL

 
Ranch Hand
Posts: 193
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,

I have simple but valid question in java web side.I refer a lot for answer,But could'nt find satisfying one.

i have seen many web applications which will run only if it'll be placed in webapp directory of Tomcat.No tomcat configuration is needed.My doubt is,

How these applications dealing with authentication and authorisation?(Without using container's ability to authenticate).

If the essential data for authentication and authorisation is from database ,How these sites deal with SSL?.

What is the real life practice to this issue?.To use container's ability to authenticate or custom code in serverside?.

Somebody plz..

MM
[ January 23, 2005: Message edited by: Murasoli Maran ]
 
Murasoli Maran
Ranch Hand
Posts: 193
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Anyone plz
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If your app relies on container managed resources, then you will need to configure those things at the container level.
 
Murasoli Maran
Ranch Hand
Posts: 193
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What is my app dont relies on container managed resources?.How can i achieve SSL over http?.Actually this was my doubt.

Thanks for your reply.

MM
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
SSL has to be set up and configured in tomcat in order for your app to use it.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
http://wiki.apache.org/jakarta-tomcat/HowTo

#11 on the list.
 
Murasoli Maran
Ranch Hand
Posts: 193
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Ben Souther:
SSL has to be set up and configured in tomcat in order for your app to use it.



Ben,

My question is how can i use SSL without Tomcat?.Is there any way?.I mean only programatically in serverside?.Wat's the best practice for authenticating?.To use Tomcat or not to use?.I know using tomcat is simple.But when deployment,Not relying much in container will better for easy and portable deployment.

So i seek experienced advice on this matter.

Thanks for the links ben.

MM
[ January 26, 2005: Message edited by: Murasoli Maran ]
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
SSL and authentication are not necessarily tied together.

You can do all the authentication in your application (programatic) or use the authentication provided by Tomcat (declarative).

SSL However, needs to be set up in the server/container you are using. You will not be able to do this ahead of time for the people to whom you ship your app. Only the owner of a domain will be able to buy a certificate from the major CAs.
 
Murasoli Maran
Ranch Hand
Posts: 193
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Ben..Good advice. :claps:

Thanks.

MM
 
reply
    Bookmark Topic Watch Topic
  • New Topic