On Sun, 14 Sep 2003, Max Cooper wrote:
> Some design changes are needed to make the switch to the https port in
> what I consider to be an acceptable manner.
One avenue to explore is using one particular capability of container
managed security, and declare a security constraint requiring SSL on a
particular request. Something like this:
<security-constraint>
<web-resource-collection>
<web-resource-name>Checkout Section</web-resource-name>
<description>
The set of URL patterns for requests that must be submitted
via SSL. In order to avoid sending confidential data unencrypted,
these patterns MUST include the page that renders the form to
be submitted that contains that confidential data.
</description>
<!-- URL pattern for the form containing the credit card number -->
<url-pattern>/checkout_form.jsp</url-pattern>
<!-- URL pattern for the "buy it" submit button -->
<url-pattern>/buy.do</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
If you do this, the container will switch to HTTPS for you before the
checkout form is rendered. Hence, the ultimate submit of that form will
be done over SSL. It's up to the container to figure out what the correct
SSL port number is (in Tomcat, you configure this with the "redirectPort"
attribute on a <Connector> element; the default configuration for non-SSL
on port 8080 redirects to SSL on port 8443).
Note that, because there is no <auth-constraint> here, this particular
security constraint does not require you to use container managed security
for authentication -- it's only being used to do the "redirect to SSL"
trick for you.
Craig
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
