tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: combining form based authentication with https
Date Sat, 01 Oct 2005 14:44:31 GMT
Peddireddy Srikanth wrote:
> Hi all,
> I have a basic doubt  If there are any resoursec which will me on this
> please point me towards them. I will carry on from there.
> My question is how to combine the form based authentication, where we use
> "jsecuritycheck" , "jusername" etc with https.
> As far as I know if we use form based authentication username and
> password will be authenticated by the container managed resource
> called 'jsecuritycheck". But the data transfer from client browser to
> tomcat will be still a plain text. i want to encrypt this and
> obviously i need to use https.
> So how to combine both  and how tomcat wil help me doping this??

Providing you have an https connector configured, you can use 
something like this in your <security-constraint>


See the spec for more details.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message