tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From t.riteshme...@iflexsolutions.com
Subject RE: TOMCAT & SSL !!!
Date Tue, 07 May 2002 15:44:40 GMT
Hi,

I was looking for the postigs under " How to enforce SSL" - if
anybody cud throw some light, as iwas unable to locate it.....


thanx!

-----Original Message-----
From: Steve D George [mailto:steve_george@uk.ibm.com]
Sent: Tuesday, April 30, 2002 3:48 PM
To: Tomcat Users List
Subject: Re: TOMCAT & SSL !!!



Hi, have a look for postings titled 'How to enforce SSL' that were posted
over the last few days. Assuming you have gone through the How-to-SSL
document in the tomcat docs and set up a certificate, to enforce SSL for a
certain directory in your context, you need something like this in your
web.xml.

<!-- Define a Security Constraint on this Application -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Entire Application</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>trackeruser</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <!-- Define the Login Configuration for this Application -->
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Location Tracker Application</realm-name>
  </login-config>

The important piece is the user-data-constraint and the
transport-guarantee. This tells tomcat that all requests to the url pattern
(in my case it is the whole of my context) should be sent over HTTPS. If a
request is received over HTTP, tomcat will redirect the request at whatever
port is defined in server.xml as the 'redirectPort' for the HTTP connector.
This is probably 8443. You then need to make sure that you have an SSL only
connector on that port but I guess you should already have that if you've
got the SSL working already.

Cheers.

Steve.



 

                      t.riteshmenon@iflexso

                      lutions.com                  To:
tomcat-user@jakarta.apache.org                                
                                                   cc:

                      30/04/2002 11:10             Subject:  TOMCAT & SSL
!!!                                              
                      Please respond to

                      "Tomcat Users List"

 

 





Hi All,

My application requires that certain pages on the site are accessed via
SSL,
is
there a way in tomcat to reject the connection of http to a specific page
(ie securePage.jsp) but still allow http access to other pages (ie.
standardPage.jsp).

Also i'm using cookies - so i wanted to know whether these cookies will
be visible in both the http & https contexts.

Thanks in advance,

Ritesh
----------------------------------------------------------------------------

This message contains privileged and confidential information and is
intended only for the individual named.If you are not the intended
recipient
you should not disseminate,distribute,store,print, copy or deliver this
message.Please notify the sender immediately by e-mail if you have received
this e-mail by mistake and delete this e-mail from your system.E-mail
transmission cannot be guaranteed to be secure or error-free as information
could be intercepted,corrupted,lost,destroyed,arrive late or incomplete or
contain viruses.The sender therefore does not accept liability for any
errors or omissions in the contents of this message which arise as a result
of e-mail transmission. If verification is required please request a
hard-copy version.
----------------------------------------------------------------------------


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>





--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
----------------------------------------------------------------------------
This message contains privileged and confidential information and is
intended only for the individual named.If you are not the intended recipient
you should not disseminate,distribute,store,print, copy or deliver this
message.Please notify the sender immediately by e-mail if you have received
this e-mail by mistake and delete this e-mail from your system.E-mail
transmission cannot be guaranteed to be secure or error-free as information
could be intercepted,corrupted,lost,destroyed,arrive late or incomplete or
contain viruses.The sender therefore does not accept liability for any
errors or omissions in the contents of this message which arise as a result
of e-mail transmission. If verification is required please request a
hard-copy version.
----------------------------------------------------------------------------

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message