wood burning stoves 2.0*
The moose likes Servlets and the fly likes SSL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "SSL" Watch "SSL" New topic
Author

SSL

Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Hi,
I have a web application and in that some pages are secured(use HTTPS) and some pages use plain HTTP. Is there a way to mark the pages as secured( for URL to change as HTTPS) and unsecured(Using only HTTP). I use a context and WEBSPHERE as the APP Server.

Pls reply
Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Any Update guys?
Sundar Gopal
Greenhorn

Joined: Jun 20, 2003
Posts: 17
*****************************************************
Is there a way to mark the pages as secured( for URL to change as HTTPS) and unsecured(Using only HTTP).
*****************************************************
can u elaborate more on the above line so that i can understand your problem correctly..


Regards,<br />SundarGopal.<br />Scjp, Scwcd, Scbcd.
Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Hey Gopal,

*****************************************************
Is there a way to mark the pages as secured( for URL to change as HTTPS) and unsecured(Using only HTTP).
*****************************************************

If you browse any banking sites, some of the pages will be HTTPS and some will be HTTP pages. Since I have a single application, can I make some links to post to HTTPS and some to HTTP. Pls note, I don't want to hard code the URL ( like https://somedomain/somepage.do)

Any suggestions?
Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Any luck guys
Anthony Watson
Ranch Hand

Joined: Sep 25, 2003
Posts: 327
This probably won't help you but I'm posting it because you keep asking and aren't getting any responses. I used Struts for a recent project and I incorporated the struts-sslext plugin. The plugin allows you to specify whether you want an action to be accessed via HTTP or HTTPS in the struts-config.xml file. To do this, you simply put the following inside your action tag:


The sslext plugin works perfectly in my experience.
Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
where can I download the plug in....pls help its urgent
Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Hi,
Is this property supported in Struts 1.1? If not pls tell me where I can download it(is it a third party jar???)

<set-property value="true" property="secure" />
Anthony Watson
Ranch Hand

Joined: Sep 25, 2003
Posts: 327
http://sslext.sourceforge.net/
Anthony Watson
Ranch Hand

Joined: Sep 25, 2003
Posts: 327
Here's what I did to get it to work:

1) In struts config, add the attribute, type="org.apache.struts.config.SecureActionConfig" to the <action-mappings> element
2) For any secure action that you want to forward to, add <set-property property="secure" value="true"/> inside the action tag
3) Add <controller processorClass="org.apache.struts.action.SecureTilesRequestProcessor"/> right after the <action-mappings>
4) Add the following plugin to struts-config.xml: <plug-in className="org.apache.struts.action.SecurePlugIn"><set-property property="httpPort" value="8080"/><set-property property="httpsPort" value="8443"/> <set-property property="enable" value="true"/> </plug-in>
5) Add the �Struts SSL Plugin� library to the class path, this just points to sslext.jar
6) Add the sslext.tld to the WEB-INF folder
7) Add the taglibary entry for sslext.tld to the web.xml file
8) Import the sslext.tld tags into your jsp pages
9) Use the sslext form, link, and rewrite tags instead of regular html and instead of regular Struts html tags. For example, the Struts html:form tag will cause the form entries to be added to the url when you forward to a https page. If you use the sslext:form tag, this won�t happen
Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Thx Antony...it worked
Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Hey Antony,

I got another requirement which is as described below.
Am going thru a proxy server and the URL(on address bar) will be like -
http://proxyserver roxyport/..... instead of http://webserver:webserverport/....

How does the tag work in this situation.

Actually I have a proxy server(like Tivoli access manager for authentication and authorization) to filter the request and pass it on to the App server.

AM confused as to how to go abt this ....pls help me out
 
 
subject: SSL
 
Similar Threads
Authentication with JDBC Realms and MVC pattern (Controller servlet)
Using https for certain JSP
http url getting converted into https
Need to consume secure web service using Axis
HTTP and HTTPS