[OT] Re: Applet and SSL

[Jeff Turner]

On Fri, May 24, 2002 at 04:05:28PM -0700, Bing Zhang wrote:
 Hi,
 
 We are evaluating a web application with applet as front end. It runs well
 on our machine with regular http.
 
 Now we want to run it through SSL. If the front end are pure html pages, we
 are not concerned since the web browser will take care the SSL issue and
 encrypt the traffic automatically. But because the front end is applet, we
 are not sure. Will browser take care of the enryption automatically? or in
 short, do we only need to configure our web server to run SSL, there is no
 modification on both server and applet code?

Does the applet do any HTTP requests to the server it came from? If so,
you may have problems if the applet has hardcoded http://...; URLs,
instead of using getDocumentBase() to determine 'http' or 'https'.

--Jeff

 Thanks
 
 Bing

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]

RE: [OT] Re: Applet and SSL

[KUMAR,PANKAJ (HP-Cupertino,ex1)]

Hi,

If the applet communicates with the backend using RMI ( most often used
mechanism ), the data exchanged won't be encrypted.

If the applet establishes http connection wit the backend, then again the
data won't be encrypted. ( As Jeff observes ).

If the applet uses https:// then you have an interesting situation -- when
the browser uses https:// it makes use of its own certificate database and
certificate validation logic. For applet, the certificate database would be
different ( the one that comes with the JDK or JRE ) and the validation
logic is also different. For example, if the server presents a certificate
that is expired or signed by a non-trusted CA then the browser would prompt
the user but the Java code running within applet will just refuse
connection.

As far as I know, security providers bundled with SUN's JDK do not integrate
very well with PKI security infrastructure of browsers.

/Pankaj.

-Original Message-
From: Jeff Turner
To: Tomcat Users List
Sent: 5/24/02 11:47 PM
Subject: [OT] Re: Applet and SSL

On Fri, May 24, 2002 at 04:05:28PM -0700, Bing Zhang wrote:
 Hi,
 
 We are evaluating a web application with applet as front end. It runs
well
 on our machine with regular http.
 
 Now we want to run it through SSL. If the front end are pure html
pages, we
 are not concerned since the web browser will take care the SSL issue
and
 encrypt the traffic automatically. But because the front end is
applet, we
 are not sure. Will browser take care of the enryption automatically?
or in
 short, do we only need to configure our web server to run SSL, there
is no
 modification on both server and applet code?

Does the applet do any HTTP requests to the server it came from? If so,
you may have problems if the applet has hardcoded http://...; URLs,
instead of using getDocumentBase() to determine 'http' or 'https'.

--Jeff

 Thanks
 
 Bing

--
To unsubscribe, e-mail:
mailto:[EMAIL PROTECTED]
For additional commands, e-mail:
mailto:[EMAIL PROTECTED]

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]

Applet and SSL

[Bing Zhang]

Hi,

We are evaluating a web application with applet as front end. It runs well
on our machine with regular http.

Now we want to run it through SSL. If the front end are pure html pages, we
are not concerned since the web browser will take care the SSL issue and
encrypt the traffic automatically. But because the front end is applet, we
are not sure. Will browser take care of the enryption automatically? or in
short, do we only need to configure our web server to run SSL, there is no
modification on both server and applet code?

Thanks

Bing

--
To unsubscribe, e-mail:   mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]