File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Struts and the fly likes How to change to secure ? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "How to change to secure ?" Watch "How to change to secure ?" New topic

How to change to secure ?

somkiat puisungnoen
Ranch Hand

Joined: Jul 04, 2003
Posts: 1312
How to change to secure ?

i want to change

Reason to do this :
i want to change to secure in HTTP Protocol.

Java Developer, Thailand
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
You need to create a digitial certificate, so that SSL will use the key inside the cert. to perform encryption for the exchange key during the session.

You also need to create a port that binds to HTTPS, instead of port 80. Usually HTTPS uses port 443, but you can configure it to any port that greater than 1024.

[ May 18, 2004: Message edited by: Nicholas Cheung ]

SCJP 1.2, OCP 9i DBA, SCWCD 1.3, SCJP 1.4 (SAI), SCJD 1.4, SCWCD 1.4 (Beta), ICED (IBM 287, IBM 484, IBM 486), SCMAD 1.0 (Beta), SCBCD 1.3, ICSD (IBM 288), ICDBA (IBM 700, IBM 701), SCDJWS, ICSD (IBM 348), OCP 10g DBA (Beta), SCJP 5.0 (Beta), SCJA 1.0 (Beta), MCP(70-270), SCBCD 5.0 (Beta), SCJP 6.0, SCEA for JEE5 (in progress)
Jose Zaleta

Joined: Mar 04, 2004
Posts: 15
Besides your digital certificate and properly configured web server with an https port, you can use an struts extension called sslext.


You can define security configuration on a per page basis, just like this:
<%@ taglib uri="/WEB-INF/sslext.tld" prefix="sslext"%>
<sslext ageScheme secure="true"/>

And you configure which port to use in your struts-config.xml:
<plug-in className="org.apache.struts.action.SecurePlugIn">
<set-property property="httpPort" value="80" />
<set-property property="httpsPort" value="443" />
<set-property property="enable" value="true" />

If an http request comes in and the page secure attribute is set to true, it will automatically be redirected to the https port.

Let me know if you need any futher assistance.

Jeremy Davis

Joined: Feb 07, 2003
Posts: 17
The sslext extension is easy to use and quite useful. It allows you to define forwards as secure, insecure, or either and preserves your session information across secure insecure requests.
Lasse Koskela

Joined: Jan 23, 2002
Posts: 11962
Are there plans to incorporate the sslext plugin into the standard Struts distribution? To me, this sounds like something that should be part of the "core" Struts.

Author of Test Driven (2007) and Effective Unit Testing (2013) [Blog] [HowToAskQuestionsOnJavaRanch]
somkiat puisungnoen
Ranch Hand

Joined: Jul 04, 2003
Posts: 1312
thank you for all answer , that work ..


Joined: Apr 19, 2006
Posts: 2
I am facing problem with sslext with Tiles.
I am Struts 1.2.8 with Tiles,Velocity Menu & sslext-1.2 .
Problem is :
1. I'm linking from one page to another page with as the following URL with https:
<a href="https://localhost:8443/web/"> SSL</a>
2. That is Action with ".do".
3. In struts-config.xml
<action path="/formAction" type="test.ssl.NullAction">

This is just forward to the required form (form.jsp). So, if we activate hit the URL as http://localhost:8080/web/ - (No https)
the form will show properly (No URL Change)

4.But in form.jsp, if we add the following lines:
<%@ taglib uri="/WEB-INF/StrutsConfig/sslext.tld" prefix="sslext" %>
<sslext ageScheme secure="false"/>
Because the page should come http (Not https)
5. Using https link if we click, Shows security alert for moving to secured page, then once shows alert message moving to non secured page.
But the URL is
Instead of http://localhost:8080/web/ .

What is the problem how we can resolve this?. Becuse of this is , template based tiles is not working properly.
All Suggestions are welcomes and my advance thanks
you can reach me
I agree. Here's the link:
subject: How to change to secure ?
It's not a secret anymore!