• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

https or SSL

 
Ranch Hand
Posts: 66
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hey,

Im looking for a nice simple example on how to use SSL or HTTPS. Ok, what I really want to do is use POST or GET so that I can work with websites that use SSL or HTTPS. A book that teaches this also would be nice, but I would settle for an easy(im a newbie) example to go with.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Welcome to JavaRanch.

This introduction to the SAAJ API has a good introduction on how to use SSL with web services on Tomcat on the last few pages.
 
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Does this mean that in my submission I just need to state that: configure SSL in the Web Server and add a link to the HTTPS URL? The link would contain payment total etc...

Another option instead of link containing payment total is puttin in session...
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Manny,

I'm not sure what the "submission" is you're talking about, and your mention of links and sessions is too vague to give an answer: TellTheDetails
[ November 13, 2006: Message edited by: Ulf Dittmer ]
 
Manny Pacman Pacquiao
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Ah, sorry about that too few information. This is about the security part of the submission. What I meant was is it enough for me to say SSL would be configured in the web servers? And then provide a little scenario where after customer confirms the itinerary, a link like https://<etc>+paymentValue=1000USD would lead to payment..., would be provided in my page to make payment.
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
By "submission", do you mean submitting a solution to some certification? Don't know the first thing about those, so can't help you with that.

Transferring a payment value in a URL seems a bad idea. Data like that should be kept on the server, so that the user has no way of manipulating it.
 
Ranch Hand
Posts: 41
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
For any SSL application, you should provide rootCA for SSL handshake. Once the SSL handshake is successful, actual webservice invocation takes place. So refering the rootCA at client program varies from webserver to webserver. in general cacerts java trust will be refer as Trust keystore.

where webservice is deployed? what is the client [java/webapp]? For weblogic app server refer http://edocs.bea.com/wls/docs81/webserv/security.html#1053182.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic