*
The moose likes JSP and the fly likes Securing JSP's Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Securing JSP Watch "Securing JSP New topic
Author

Securing JSP's

Jaggi Kunal
Ranch Hand

Joined: Jan 21, 2003
Posts: 45
I want to write Secure JSP’s. For this I want to make use of HTTPS CLIENT Authentication mechanism. I have followed the following steps :-
Step 1 : Installing SSL Libraries.
For this we need JSSE. Since I am using JDL1.4 to it is already there.
Step 2 : Enabling SSL in <CATALINA_HOME>\conf\server.xml (I am using Tomcat 4.1.12)
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8083" minProcessors="5" maxProcessors="75"
acceptCount="10" debug="0" scheme="https" secure="true">

<Factory className="org.apache.catalina.net.SSLServerSocketFactory" clientAuth="false" protocol="TLS" />
</Connector>
This is causing the Server to shutdown whenever started (startup.bat).
Step 3 : Generating public and private keys
How do I generate public and private keys for alias “tomcat”? Is the following command correct.
<JAVA_HOME>\keytool –genkey –alias tomcat –keyalg RSA
OR it should be :
<CATALINA_HOME>\keytool –genkey –alias tomcat –keyalg RSA
Step 4 Changing web.xml
Can anybody help me to tackle the problems encountered in step 2 and 3.
Regards,
Kunal Jaggi
SCJP2
 
jQuery in Action, 2nd edition
 
subject: Securing JSP's
 
Similar Threads
weblogic 8.1 SSL configuration.
Https java api security
Security issue
Generating public and private keys
Tomcat and SSL