*
The moose likes Servlets and the fly likes Making secured websites Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Making secured websites " Watch "Making secured websites " New topic
Author

Making secured websites

Rajesh Agarwal
Ranch Hand

Joined: Aug 01, 2005
Posts: 79
I have heard about sites being secured, using https. Can someone give me an insight on how to make a secured website using ofcourse java, servlets say a WLS
James Clinton
Ranch Hand

Joined: Jun 23, 2003
Posts: 190
This is a very broad question which I will answer in part.

HTTPS, which is HTTP over SSL (Secure Socket Layer) is one way of securing a request/response, which as you probably know encrypts data over the wire.

The container usually does this for you if you configure it correctly, read your container notes.

Many other security features can also be applied to web applications such as BASIC Authentication. I would advise you invest in a J2EE Security Book to find out more.
Rajesh Agarwal
Ranch Hand

Joined: Aug 01, 2005
Posts: 79
Thanks James... Is it just about configuring to make a site secured, or does some part of coding also go into this.

This whole concept is kinda vague.
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

Both...
Either....

If you pickup a book on J2EE security, you will find sections on
"declarative security" and "programmatic security".

Setting up an SSL certificate is done completely at the container level.
You can specify which components must go through SSL in your deployment descriptor.

As James said, it's a very broad topic.
If you're serious about it, get a book.

"Mastering Tomcat" by Wiley Press has a good introduction to security.
A lot of what it covers applies to J2EE in general, not just Tomcat.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
 
 
subject: Making secured websites