Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

web app security constraints  RSS feed

 
Andrew Nomos
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I have two questions regarding java web applications:

- how do i set up a java web application to support SSL or any another type of
encryption?
- a security constraint is that the connection must cut off when the user
hasn't done anything for 15 minutes. what is the best way to realize this?

Any suggestions would be highly appreciated.

Thanks,
Andrew
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Andrew Nomos:
- how do i set up a java web application to support SSL or any another type of encryption?

This is done at the container level. Check your Server's documentation for details. Here's Tomcat's:
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/ssl-howto.html


- a security constraint is that the connection must cut off when the user
hasn't done anything for 15 minutes. what is the best way to realize this?

Set the session-timeout property to 15 minutes.
When your user logs in, bind an object to their session.
Write a filter that checks for this object in the user's session at each request.
If the object is null, forward or redirect the user back to the login page.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!