aspose file tools
The moose likes Security and the fly likes a simple question about ssl Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Engineering » Security
Reply Bookmark "a simple question about ssl" Watch "a simple question about ssl" New topic
Author

a simple question about ssl

Mahola Nawado
Greenhorn

Joined: Dec 13, 2003
Posts: 8
posted private message
0
Quote
I call a.jsp with http. In a.jsp, I have a link calling b.jsp with https. In b.jsp, I have a link calling c.jsp with http.
d1 = http request for calling b.jsp
d2 = http response which sends b.jsp
d3 = http request for calling c.jsp
d4 = http response which sends c.jsp
Which of d1, d2, d3, d4 are encrypted? Thanx...
Bruno Grossi
Greenhorn

Joined: Mar 08, 2004
Posts: 3
posted private message
0
Quote
I thing that d1 and d2 are encrypted.
Mahola Nawado
Greenhorn

Joined: Dec 13, 2003
Posts: 8
posted private message
0
Quote
thank you bruno... but isnt there anybody here who knows the answer of this question and sure about it..???
Mahola Nawado
Greenhorn

Joined: Dec 13, 2003
Posts: 8
posted private message
0
Quote
still waiting for an answer...
William Barnes
Ranch Hand

Joined: Mar 16, 2001
Posts: 965

I like...
Eclipse IDE Redhat Tomcat Server
posted private message
0
Quote
The communications between a.jsp & b.jsp are secure, nothing else.

Please ignore post, I have no idea what I am talking about.
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
posted private message
0
Quote
The data transmited through the 2 SSL endpoints are encrypted, since only a.jsp and b.jsp communicate using SSL (HTTPS), thus, only d1 and d2 are encrypted.
Sometimes, when you are browsing a site using SSL, there may be a pop up: "Now, you are going to read a page that is not protected by SSL", something like that, which means, the current page you are browsing is using SSL, however, the link you are clicking is NOT. And thus this message appears.
Nick

SCJP 1.2, OCP 9i DBA, SCWCD 1.3, SCJP 1.4 (SAI), SCJD 1.4, SCWCD 1.4 (Beta), ICED (IBM 287, IBM 484, IBM 486), SCMAD 1.0 (Beta), SCBCD 1.3, ICSD (IBM 288), ICDBA (IBM 700, IBM 701), SCDJWS, ICSD (IBM 348), OCP 10g DBA (Beta), SCJP 5.0 (Beta), SCJA 1.0 (Beta), MCP(70-270), SCBCD 5.0 (Beta), SCJP 6.0, SCEA for JEE5 (in progress)
scott p laplante
Greenhorn

Joined: Mar 12, 2004
Posts: 13
posted private message
0
Quote
d1 through d4 would all have to be implemented over https as well, as other posters have said. any server-side includes when processing b.jsp would also (naturally, but mootly, as it's server-side) be secure.
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: a simple question about ssl
 
Similar Threads
Popup window using Struts
ssl
Question on Pass By Reference
page relative vs file relative [ include action vs include directive]
double call by reference?