i am writing a
struts based application using struts 1.2. The application is supposed to switch between both HTTP and HTTPs. To be more precise, the only page that is supposed to run on SSL is the login page.
Now i am so confused how i should implement this. The main problem that i am having is i am not sure how the webserver supports SSL.
To make it even more confusing.. the application is developed and tested on
Tomcat 5.0, i know that from within tomcat i can configure the tomcat webserver to run specific 'Actions' on secure sessions this is not a problem.
The actual problem is that the application will eventually be deployed on an Apache Webserver running JRUN. This is where the problem starts. I have googled around and have not been able to clarify whether Apache
supports SSL. I have seen some articles but it all looks way too confusing. So can somebody please clarify this for me.
one important thing to note is that i will not have access to the Apache webserver so configuring it is out of the question. I might probably be able to enable SSL (if i ask nicely).
Now this is what i need to know
0. Can a struts application be developed to run on SSL on JRUN/APACHE without the need to configure Apache? If not, what are the necessary configuration needed?
1. Does Apache support SSL?
2. Does JRun support SSL?
3. If i were to implement SSL on just the Login page, what is the best and quickest approach? (the target environment is JRUN on APACHE)
The application does not really need to use SSL keys coz that is not important(i.e. they dont want to pay for it
) All its supposed to do is ensure that the data transfered is over ssl.
can u help?
Any help will be greatly appreciated.
[ October 19, 2005: Message edited by: Ziggy - [The Oracle] ]