tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Delbecq <>
Subject Re: webapp getting encryption information
Date Mon, 03 Sep 2007 08:41:51 GMT

if you want parts to be accessible only with RSA, this part must use a
SSL certificate that accepts only RSA. This has to be decided when
generating certificates. So your different security levels must use
different certificates. One way to do this is to create different
connectors (different ips or different ports) that use different
certificates. You can then control, on each connector, which webapps are
accessible. Am sorry, but i don't think j2ee specs provides anything
else than transport-guarantee which can only take NONE, INTEGRAL or
CONFIDENTIAL so you will probably have to split your application in
several webapps on several ports/domains...

En l'instant précis du 03/09/07 09:42, Christian Andersson s'exprimait
en ces termes:
> I'm sorry that I'm asking this directly without havinge done that much
> research on this matter, but I'm hard pressed on time, and I'm currently
> traveling so I have a very limited access to the net.
> my question is as follows
> I have an webapplication that the users are connecting to via https.
> IS it possble for this webappto get information about the encryption
> protocol (ssl2/ssl3/tls/etc...) and algoritms
> (TLS_RSA_WITH_RC4_128_MD5/TLS_RSA_WITH_RC4_128_SHA/etc) used?
> I'm currently looking at securing a website with different grades of
> security depending on the type of connection (for example you need RSA
> with 256bit key to access some parts but other parts you only need
> 3DES), so the the less secure connection, the less information/options
> will be provided.
> ------------------------------------------------------------------------
> ---------------------------------------------------------------------
> To start a new topic, e-mail:
> To unsubscribe, e-mail:
> For additional commands, e-mail:


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message