Luca Ventura [EMAIL PROTECTED] wrote in message
news:GCEHKDLCEKBHKGEIBIGLEEFADKAA.ventluca;tiscali.it...
Hello everybody!
I have IIS as Web Server and Tomcat 4.x as Servlet Container (using the
ISAPI filter).
So all requests directed to servlets, jsp-pages, or
java-technology based web sites are redirected to Tomcat 4.x from IIS.
I have installed in IIS a digital certificate to support HTTPS
protocol.
Let's suppose my web domain is: www.mydomain.com
and that my java-technology based web site is in the /javasite folder.
So to access to it in a secure way using HTPPS I must type the url:
https://www.mydomanin.com/javasite/index.html
First of all I would like to have a confirmation of the following thing:
1) When I send data to the url above are all of them cripted from my Web
Browser and decrypted by ISS before redirecting them to Tomcat 4.x
(I haven't installed the same digital certificate in Tomcat because
I don't use it as a Web Server)?
Yes.
Then I need to know:
2)I want to protect some servlets and jsp-pages with an access login and
password:
So I used the BASIC authentication of Tomcat: in this way when I user
try to connect to a protected servlet or jsp-page the Servlet Container
Tomcat asks to
the user to insert a login and a password. If the url of the servler or
jsp-page
he tries to connect to is https based (for example:
https://www.mydomanin.com/javasite/MyServet) are both login and password
crypted before sending them to Tomcat (I think that IIS should receive ,
decrypt and forward
them to Tomcat)?
Yes.
I hope someone can help me.
Thanks everybody in advance!
Luca
--
To unsubscribe, e-mail: mailto:tomcat-user-unsubscribe;jakarta.apache.org
For additional commands, e-mail: mailto:tomcat-user-help;jakarta.apache.org
