tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: [HELP!] Which key alias names to use for SSL?
Date Sun, 12 Oct 2003 19:45:16 GMT

"Sonny Sukumar" <ahimsadesi@hotmail.com> wrote in message
news:Law10-F68abixgsNbJW00008cde@hotmail.com...
>
> >From: "Bill Barker" <wbarker@wilshire.com>
>
> > >
> > > --I reconfigured the SSL port from 8443 to 443 on our server (as well
as
> >the
> > > redirect port), and all of a sudden I can connect using SSL.  I don't
> > > understand why 8443 didn't work.  Any ideas??
> > >
> >
> >There is a well-know bug in MSIE related to security-constraints, but
that
> >doesn't seem to apply here.
>
> Hmm, what's that bug?  I'd like to know because I next plan to implement
> some <security-constraint>s to prevent insecure access to certain pages
and
> sets of pages.
>

If you are running SSL on a non-standard port (e.g. 8443), and the user
attempts to access a page (via http) which is protected with both an
auth-constraint and a transport-guarantee, MSIE will fumble around and end
up issuing a request for 'http://host:8443/myapp/login.jsp' (which of course
will fail).  It doesn't happen if you are using the standard SSL port (i.e.
443), or with Tomcat 5.

> _________________________________________________________________
> Frustrated with dial-up? Get high-speed for as low as $29.95/month
> (depending on the local service providers in your area).
> https://broadband.msn.com




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message