aspose file tools*
The moose likes Tomcat and the fly likes Web App Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Web App Security" Watch "Web App Security" New topic
Author

Web App Security

Ankit Nagpal
Ranch Hand

Joined: Sep 09, 2008
Posts: 47

Hi,

I am using FORM based authentication for my web application. For implementing data integrity and confidentiality, i have used the following in the DD:

<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>

When I try to request a static HTML page by the following URL:

http://localhost:9080/AppName/first.html

this changes to

https://localhost:8443/AppName/first.html

and gives the error that page is unavailable. I know that it's trying to use HTTPS but why is this not working? Do I need to add something somewhere in my application?

BTW, I am using Tomcat 5.5 as server.

Thanks in advance.

[ September 27, 2008: Message edited by: Ankit Nagpal ]
[ September 27, 2008: Message edited by: Ankit Nagpal ]
Ankit Nagpal
Ranch Hand

Joined: Sep 09, 2008
Posts: 47

I found the solution to this problem, the SSL Configuration needs to be done on Tomcat. Steps are given in the link below:

Tomcat SSL Configuration - How To
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Web App Security
 
Similar Threads
transport-guarantee problem
Security constaint in J2ee 1.3 container - Web.xml
Unable to get authentication and authorization working.
Webshere Authentication
Force URL redirect from http to https?