My use case is: User hits any page on site Username/password prompt appears If ok, secure/https access to pages on site granted
I am looking at http://www.eclipse.org/jetty/documentation/current/configuring-security.html and am not sure how to generate the keystore - is this what I need: https://docs.oracle.com/cd/E19509-01/820-3503/ggfen/index.html Configuring Java CAPS for SSL Support It seems excessive to require a certificate authority to sign the keystore, vs. the simplicity of the .htaccess model which seems to have been discontinued? Would cert signing have to be done on adding each user?? Also, would using password hashes be more secure than OBF passwords, and is this possible? Thanks, Bill _______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
