• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Making secured websites

 
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have heard about sites being secured, using https. Can someone give me an insight on how to make a secured website using ofcourse java, servlets say a WLS
 
Ranch Hand
Posts: 190
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This is a very broad question which I will answer in part.

HTTPS, which is HTTP over SSL (Secure Socket Layer) is one way of securing a request/response, which as you probably know encrypts data over the wire.

The container usually does this for you if you configure it correctly, read your container notes.

Many other security features can also be applied to web applications such as BASIC Authentication. I would advise you invest in a J2EE Security Book to find out more.
 
Rajesh Agarwal
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks James... Is it just about configuring to make a site secured, or does some part of coding also go into this.

This whole concept is kinda vague.
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Both...
Either....

If you pickup a book on J2EE security, you will find sections on
"declarative security" and "programmatic security".

Setting up an SSL certificate is done completely at the container level.
You can specify which components must go through SSL in your deployment descriptor.

As James said, it's a very broad topic.
If you're serious about it, get a book.

"Mastering Tomcat" by Wiley Press has a good introduction to security.
A lot of what it covers applies to J2EE in general, not just Tomcat.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic