Meaningless Drivel is fun!*
The moose likes Servlets and the fly likes https servlet Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "https servlet" Watch "https servlet" New topic
Author

https servlet

pankaj semwal
Ranch Hand

Joined: Oct 07, 2008
Posts: 300
Hi List[]

Can any body tell me how to run an https servlet .And for that what we have to .I am using Apache Tomcat 5.1.

Please help me.
ankur rathi
Ranch Hand

Joined: Oct 11, 2004
Posts: 3830
Originally posted by pankaj semwal:
Hi List[]

Can any body tell me how to run an https servlet .And for that what we have to .I am using Apache Tomcat 5.1.

Please help me.


You are asking wrong question but I understood what you need.

You will have to buy a (or create one dummy) certificate, configure that into your server on a port and you get a different port for secured communication (HTTPS).

My google page might help you: http://ankurrathi.googlepages.com/configureyourowncertificateintomcat
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41134
    
  45
There is no Tomcat version 5.1, but assuming you meant 5.5, this page contains everything you need to know. (Replace "5.5" by "5.0" in the URL in case you're running Tomcat 5.0.)


Ping & DNS - my free Android networking tools app
pankaj semwal
Ranch Hand

Joined: Oct 07, 2008
Posts: 300
Hi

how to run servlet on a specific i m ruuning servlet on https 8443 port but it is also running on http 8080 port.so how could i restrict 8080 to work on that particular servlet
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41134
    
  45
You can use the isSecure and getServerPort methods of HttpServletRequest to determine which port the request came through, and reject it if it came on a port it shouldn't have.

But I'm curious: Why would you accept requests through HTTP, but not HTTPS?
Satya Maheshwari
Ranch Hand

Joined: Jan 01, 2007
Posts: 368
Originally posted by pankaj semwal:
Hi

how to run servlet on a specific i m ruuning servlet on https 8443 port but it is also running on http 8080 port.so how could i restrict 8080 to work on that particular servlet


I guess, when you are trying to access the secured servlet through the http, you are being auto redirected to https.

And to achieve this, you may have put the transport guarantee to INTEGRAL or CONFIDENTIAL. Hence this is the correct behavior as this ensures that the communication between the client and the server is on SSL.

I think your other requirement is that of 'Authentication' or 'Client Identification'. For this you could impose a 'auth-constraint' on the servlet. This will ensure that the client is always authenticated and the communication is over SSL. It would also ensure that the client trying to access the servlet over http is not rejected and prompted to authenticate herself. This maybe desired as people tend to forget to put https instead of http in the address bar of browser.

If still you want to restrict any communication over http(even the initial redirect to https), the you should follow the approach as Ulf suggested.
[ November 27, 2008: Message edited by: Satya Maheshwari ]

Thanks and Regards
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: https servlet
 
Similar Threads
How to get https url ?
Servlet and data security and authantication
Using https in java application
Redirecting to HTTPS
Http request TO Https request