It's not a secret anymore!
The moose likes JSP and the fly likes Securing JSP's Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Securing JSP Watch "Securing JSP New topic

Securing JSP's

Jaggi Kunal
Ranch Hand

Joined: Jan 21, 2003
Posts: 45
I want to write Secure JSP’s. For this I want to make use of HTTPS CLIENT Authentication mechanism. I have followed the following steps :-
Step 1 : Installing SSL Libraries.
For this we need JSSE. Since I am using JDL1.4 to it is already there.
Step 2 : Enabling SSL in <CATALINA_HOME>\conf\server.xml (I am using Tomcat 4.1.12)
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8083" minProcessors="5" maxProcessors="75"
acceptCount="10" debug="0" scheme="https" secure="true">

<Factory className="" clientAuth="false" protocol="TLS" />
This is causing the Server to shutdown whenever started (startup.bat).
Step 3 : Generating public and private keys
How do I generate public and private keys for alias “tomcat”? Is the following command correct.
<JAVA_HOME>\keytool –genkey –alias tomcat –keyalg RSA
OR it should be :
<CATALINA_HOME>\keytool –genkey –alias tomcat –keyalg RSA
Step 4 Changing web.xml
Can anybody help me to tackle the problems encountered in step 2 and 3.
Kunal Jaggi
I agree. Here's the link:
subject: Securing JSP's
It's not a secret anymore!