aspose file tools
The moose likes Security and the fly likes Partially secure web applications ... HOW TO? Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Engineering » Security
Reply Bookmark "Partially secure web applications ... HOW TO?" Watch "Partially secure web applications ... HOW TO?" New topic
Author

Partially secure web applications ... HOW TO?

Jeevan Sunkersett
Ranch Hand

Joined: Jul 03, 2007
Posts: 71
posted private message
0
Quote
Hi,

I have developed a j2ee application, deployed on jboss and fronted it with a Apache 2.2 server (using mod_jk)

So all requests on Apache, are served by jboss running on port 8080.

For security, I generated a SSL certificate and applied it to Apache, using mod_ssl.

But this has rendered my complete application secure and accesible only by https.

But I wish my java application, to be presented similar to http://www.makemytrip.com
This applcation allows users to search flights and and add them to a shopping cart. All of this over http.
Only when the user, does a checkout, he/ she is served content over https, but there is no change to the url seen in the browser, except for http becoming https.

I feel such a behaviour is managed by the web server (and not the java application or the application server), using some thing like url rewriting or similar, so this post.

Am I right?
Any help or tips on how to achieve the above will be greatly appreciated.

thanks
Jeevan
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Partially secure web applications ... HOW TO?
 
Similar Threads
https in Jboss 5.0.1
virtual hosts
how to remove 8080 from URL before deployment
Setting Document Root for SSL in Jboss
Simulate HTTPS in Tomcat connector or Apache config?