• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Making secured websites

 
Rajesh Agarwal
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have heard about sites being secured, using https. Can someone give me an insight on how to make a secured website using ofcourse java, servlets say a WLS
 
James Clinton
Ranch Hand
Posts: 190
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is a very broad question which I will answer in part.

HTTPS, which is HTTP over SSL (Secure Socket Layer) is one way of securing a request/response, which as you probably know encrypts data over the wire.

The container usually does this for you if you configure it correctly, read your container notes.

Many other security features can also be applied to web applications such as BASIC Authentication. I would advise you invest in a J2EE Security Book to find out more.
 
Rajesh Agarwal
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks James... Is it just about configuring to make a site secured, or does some part of coding also go into this.

This whole concept is kinda vague.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Both...
Either....

If you pickup a book on J2EE security, you will find sections on
"declarative security" and "programmatic security".

Setting up an SSL certificate is done completely at the container level.
You can specify which components must go through SSL in your deployment descriptor.

As James said, it's a very broad topic.
If you're serious about it, get a book.

"Mastering Tomcat" by Wiley Press has a good introduction to security.
A lot of what it covers applies to J2EE in general, not just Tomcat.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic