aspose file tools*
The moose likes Tomcat and the fly likes Tomcat URL signing Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat URL signing" Watch "Tomcat URL signing" New topic
Author

Tomcat URL signing

Paal Olsen
Greenhorn

Joined: Jan 21, 2011
Posts: 2
Hi

First of all, I have to say that he question here is based on a migration project I have at work from Orion- to the Tomcat- webserver.
The thing I'd like some help with, is how to set up signing to applications; prefferably using SHA1withRSA, since that is the one we are using now and would probably cause a smoother migration?

What we use today on the orion webserver is:
https://??maskedaddress??/signing/servlet?app=Customer1_C&time=201101210831&invoice=200000260&path=main.jsp&acctID=12345678&mid=&kid=&sig=523a8a75cb0e3188ca139130702e...
Sig is the paramater that validates the signing. We have a keystore validation-file, and the customer have a keystore signingfile to make up the sig-paramter based on the others

Is there any way that this can be reused on Tomcat? and,,,how?
The app-parameter there is used access a file that has the info on which verifyingfile to be used from customer to customer

Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16145
    
  21

Welcome to the JavaRanch, Paal! But please: http://www.coderanch.com/how-to/java/PatienceIsAVirtue

We don't get paid here, so we're not exactly manning the desks all day long.

Unless Orion does does something I don't know about, that behaviour is built into your webapp and not part of how Tomcat or any other webapp server works. Usually if there's a client-side authentication certificate involved, it's just a matter of making it available to the user's browser, and then the webserver and web client negotiate its use transparently.


Customer surveys are for companies who didn't pay proper attention to begin with.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Tomcat URL signing