geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Schmidt <>
Subject Enforcing SSL for Web- and EJB-tier
Date Sat, 13 Aug 2005 23:10:24 GMT
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<body bgcolor="#ffffff" text="#000000">
I am currently playing around with some security settings.<br>
I was wondering how I can enforce the usage of SSL? I tried the
following in the web.xml but with no success:<br>
&nbsp;&nbsp;&nbsp; &lt;security-constraint&gt;<br>
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &lt;web-resource-collection&gt;<br>
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &lt;/web-resource-collection&gt;<br>
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &lt;user-data-constraint&gt;<br>
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &lt;/user-data-constraint&gt;<br>
&nbsp;&nbsp;&nbsp; &lt;/security-constraint&gt;<br>
What else do I need to set this up properly? How do I enforce the same
for EJBs?<br>
Stefan Schmidt<br>

View raw message