File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Can't display web app security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Can Watch "Can New topic
Author

Can't display web app security

pkinuk Buler
Ranch Hand

Joined: May 22, 2009
Posts: 63
Hi all, I'm learning the 'web app security' chapter in the 'Head First' book. What i'm trying is :

1. Adding the security constraint to the jsp file which is info.jsp through the web.xml file.
2. It will show the loginPage.html in the browser when user tried to directly access the info.jsp (Running the following link http://localhost:8080/ch12/beer/hello.do)
3. If login successfully, show a text 'HAHA, login OK', otherwise show the errorPage.html

I've following what the book telling me to do the declare everything in the web.xml file. but it shows 'Internet Explorer cannot display the webpage' in IE or 'This web page is not available.
The web page at https://localhost:8443/ch12/beer/hello.do might be temporarily down or it may have moved permanently to a new web address.' in Goole Chrome when I run http://localhost:8080/ch12/beer/hello.do .

Can some tell me why it doesn't work?

Thank you in advance.

The following code are the jsp, html, and web.xml:

web.xml:



loginPage.html:


errorPage.html:


info.jsp
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1662
    
  25

Hi Pkinuk,
The web page at https://localhost:8443/ch12/beer/hello.do might be temporarily down or it may have moved permanently to a new web address.' in Goole Chrome when I run http://localhost:8080/ch12/beer/hello.do


This is because you have put a <user-data-constraint> of confidential in your web-resource-collection. It is expecting the HTTPS port of 8443 being open, however if you are using tomcat as a server it is by default switched off. Just remove the user-data-constraint first and see if everything works fine.
If so, try to read SSL on tomcat to activate HTTPS.

Regards,
Frits

pkinuk Buler
Ranch Hand

Joined: May 22, 2009
Posts: 63
Frits Walraven, thank you for your reply. and it's working now although the IE said
The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website was issued for a different website's address.

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.


In order to get rid of above warnning message, i guess i need to buy a certificate from some 'CA' company. anyway, thank you for your help.
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1662
    
  25

In order to get rid of above warnning message, i guess i need to buy a certificate from some 'CA' company.

Yes, you are right.

Regards,
Frits
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Can't display web app security