aspose file tools*
The moose likes Servlets and the fly likes https servlet Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "https servlet" Watch "https servlet" New topic
Author

https servlet

pankaj semwal
Ranch Hand

Joined: Oct 07, 2008
Posts: 300
Hi List[]

Can any body tell me how to run an https servlet .And for that what we have to .I am using Apache Tomcat 5.1.

Please help me.
ankur rathi
Ranch Hand

Joined: Oct 11, 2004
Posts: 3830
Originally posted by pankaj semwal:
Hi List[]

Can any body tell me how to run an https servlet .And for that what we have to .I am using Apache Tomcat 5.1.

Please help me.


You are asking wrong question but I understood what you need.

You will have to buy a (or create one dummy) certificate, configure that into your server on a port and you get a different port for secured communication (HTTPS).

My google page might help you: http://ankurrathi.googlepages.com/configureyourowncertificateintomcat
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41839
    
  63
There is no Tomcat version 5.1, but assuming you meant 5.5, this page contains everything you need to know. (Replace "5.5" by "5.0" in the URL in case you're running Tomcat 5.0.)


Ping & DNS - my free Android networking tools app
pankaj semwal
Ranch Hand

Joined: Oct 07, 2008
Posts: 300
Hi

how to run servlet on a specific i m ruuning servlet on https 8443 port but it is also running on http 8080 port.so how could i restrict 8080 to work on that particular servlet
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41839
    
  63
You can use the isSecure and getServerPort methods of HttpServletRequest to determine which port the request came through, and reject it if it came on a port it shouldn't have.

But I'm curious: Why would you accept requests through HTTP, but not HTTPS?
Satya Maheshwari
Ranch Hand

Joined: Jan 01, 2007
Posts: 368
Originally posted by pankaj semwal:
Hi

how to run servlet on a specific i m ruuning servlet on https 8443 port but it is also running on http 8080 port.so how could i restrict 8080 to work on that particular servlet


I guess, when you are trying to access the secured servlet through the http, you are being auto redirected to https.

And to achieve this, you may have put the transport guarantee to INTEGRAL or CONFIDENTIAL. Hence this is the correct behavior as this ensures that the communication between the client and the server is on SSL.

I think your other requirement is that of 'Authentication' or 'Client Identification'. For this you could impose a 'auth-constraint' on the servlet. This will ensure that the client is always authenticated and the communication is over SSL. It would also ensure that the client trying to access the servlet over http is not rejected and prompted to authenticate herself. This maybe desired as people tend to forget to put https instead of http in the address bar of browser.

If still you want to restrict any communication over http(even the initial redirect to https), the you should follow the approach as Ulf suggested.
[ November 27, 2008: Message edited by: Satya Maheshwari ]

Thanks and Regards
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: https servlet