This week's giveaway is in the EJB and other Java EE Technologies forum. We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line! See this thread for details.
Hi, I am working on a website which includes some pages that needs the data to be transmitted between the client and the server to be secure. i.e. the transaction should be through SSL. I know bits and pieces about SSL but i am not able to locate any source of information or examples etc. as to how can i implement SSL in my application. Also I want to know how the things behind the scene works. Does the data collected from html form will be encrypted in SSL and how does webserver decrypt and uses the data? I have all basic questions. Please do answer. Thanks [ September 19, 2003: Message edited by: Megha Roy ]
Yes, it uses SSL, but this is usually implemented as HTTP over SSL, also known as HTTPS. What this means is that you still talk basic HTTP, and the transport layer takes care of managing the SSL part. As to the implementation specifics, there are a few options and it is also vendor specific. You can have the App server provide the HTTPS implementation, or you can have the Web Server provide SSL and talk basic HTTP with the app serever, or you can implement it twice, SSL from the Web Server and SSL between the Web and App Servers. You'll need to check the documentation for your server though. Dave