tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeffrey Janner <>
Subject RE: Adapting a webapp to use https
Date Thu, 28 Jun 2012 13:27:55 GMT
> -----Original Message-----
> From: David kerber []
> Sent: Thursday, June 28, 2012 7:25 AM
> To: Tomcat Users List
> Subject: Adapting a webapp to use https
> We have an application that we've been running successfully for years.
> Now one of our potential customers wants to investigate possibly
> switching it to use https instead of http, and I'm trying to figure out
> what's involved in the conversion.
> The clients are headless industrial computers that collect data and
> transmit it to the tc server, so there is no user to enter IDs and
> passwords.  I have both TC 6 and TC 7 servers in use, and it works find
> with both of them.
> What might be the best way of doing this?  Should I have the client app
> do its own logins?  Or can this be done with certificates?  Or what?
> I'm a total newbie at writing and configuring https connections, so
> could use whatever pointers or references you can give me.
> Dave

Dave -

A lot depends on the actual requirements being proposed by your potential customer.

You don't mention anything about how your app currently handles authentication.  If the current
method is acceptable, then all you really need to do is convert the <connector> attribute
to support SSL and get a certificate. You may also want to add a <security-constraint>
with a transport guarantee of CONFIDENTIAL to your app's web.xml file.

See the online documentation for your tomcat release, e.g.

You will also need to insure that the client computers can be configured to support/use SSL.

If however, the goal is to add some improved form of authentication, you'll need to read deeper,
and then come back with some specific questions about the path you wish to take.


Confidentiality Notice:  This Transmission (including any attachments) may contain information
that is privileged, confidential, and exempt from disclosure under applicable law.  If the
reader of this message is not the intended recipient you are hereby notified that any dissemination,
distribution, or copying of this communication is strictly prohibited.  

If you have received this transmission in error, please immediately reply to the sender or
telephone (512) 343-9100 and delete this transmission from your system.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message