aspose file tools*
The moose likes Security and the fly likes a simple question about ssl Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "a simple question about ssl" Watch "a simple question about ssl" New topic
Author

a simple question about ssl

Mahola Nawado
Greenhorn

Joined: Dec 13, 2003
Posts: 8
I call a.jsp with http. In a.jsp, I have a link calling b.jsp with https. In b.jsp, I have a link calling c.jsp with http.
d1 = http request for calling b.jsp
d2 = http response which sends b.jsp
d3 = http request for calling c.jsp
d4 = http response which sends c.jsp
Which of d1, d2, d3, d4 are encrypted? Thanx...
Bruno Grossi
Greenhorn

Joined: Mar 08, 2004
Posts: 3
I thing that d1 and d2 are encrypted.
Mahola Nawado
Greenhorn

Joined: Dec 13, 2003
Posts: 8
thank you bruno... but isnt there anybody here who knows the answer of this question and sure about it..???
Mahola Nawado
Greenhorn

Joined: Dec 13, 2003
Posts: 8
still waiting for an answer...
William Barnes
Ranch Hand

Joined: Mar 16, 2001
Posts: 986

The communications between a.jsp & b.jsp are secure, nothing else.


Please ignore post, I have no idea what I am talking about.
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
The data transmited through the 2 SSL endpoints are encrypted, since only a.jsp and b.jsp communicate using SSL (HTTPS), thus, only d1 and d2 are encrypted.
Sometimes, when you are browsing a site using SSL, there may be a pop up: "Now, you are going to read a page that is not protected by SSL", something like that, which means, the current page you are browsing is using SSL, however, the link you are clicking is NOT. And thus this message appears.
Nick


SCJP 1.2, OCP 9i DBA, SCWCD 1.3, SCJP 1.4 (SAI), SCJD 1.4, SCWCD 1.4 (Beta), ICED (IBM 287, IBM 484, IBM 486), SCMAD 1.0 (Beta), SCBCD 1.3, ICSD (IBM 288), ICDBA (IBM 700, IBM 701), SCDJWS, ICSD (IBM 348), OCP 10g DBA (Beta), SCJP 5.0 (Beta), SCJA 1.0 (Beta), MCP(70-270), SCBCD 5.0 (Beta), SCJP 6.0, SCEA for JEE5 (in progress)
scott p laplante
Greenhorn

Joined: Mar 12, 2004
Posts: 13
d1 through d4 would all have to be implemented over https as well, as other posters have said. any server-side includes when processing b.jsp would also (naturally, but mootly, as it's server-side) be secure.
 
 
subject: a simple question about ssl