| Author |
turn on SSL or session tracking
|
Brenda Kwok
Ranch Hand
Joined: Nov 30, 2004
Posts: 38
|
|
Hello, 
I read the HF book, I don't know a point in P.647. After preparing the html form and DD for FORM authentication, how to turn on SSL or session tracking. 
I want to know how to do the two methods.
Thank you.
Brenda 
|
[SCJP,SCWCD,SCBCD,SCEA(PARTI)]
|
 |
Brenda Kwok
Ranch Hand
Joined: Nov 30, 2004
Posts: 38
|
|
I am beginner to take this exam. Can anyone answer my question pls.
Thanks.
|
|
Bert Bates
author
Sheriff
Joined: Oct 14, 2002
Posts: 8712
|
|
Hey Brenda,
Ok, you've got Form-based authentication discussed on page 647, and you've got data confidentiality / integrity discussed on page 652. If you compare them, you'll see that they work independently of one another 
To get them to work together, check out pages 653-655!
Good luck on the exam, let us know how you do! And... if it seems that you need more time to study, postpone the exam!
- Bert
|
Eliminate fossil fuel subsidies. (If you're not on the edge, you're taking up too much room.)
|
|
Brenda Kwok
Ranch Hand
Joined: Nov 30, 2004
Posts: 38
|
|
I got this error "Invalid direct reference to form login page" when i typed correct username and password.
Do we need to install real cert for the FORM-based authentication and CONFIDENTAIL option in <transport-guarantee> ?
:roll:
|
|
Giju George
Ranch Hand
Joined: Jun 08, 2004
Posts: 333
|
|
|
If you look at the figure in page 655 of HFS, it says that if the <user-data-constraint> is configured in the DD, then the server informs the client to come on a secure protocol ie https. So I think you need to have digital certificate installed on the server to get this working.
|
SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCEA
|
|
 |
|
|
subject: turn on SSL or session tracking
|
|
|
0
