Forcing SSL to handle requests
Hi, I'm running a standalone Tomcat webserver 4.0.6 and am trying to force a resource on my web server to only serve a particular URL through SSL, so I've inserted the following lines in the web.xml file: security-constraint web-resource-collection web-resource-nameProtected Context/web-resource-name url-pattern/index/url-pattern /web-resource-collection !-- auth-constraint goes here if you requre authentication -- user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint When restarting my webserver, I'm getting the following error message several times: org.xml.sax.SAXParseException: The content of element type web-app must match (icon?,display-name?,description?,distributable?,context-param*,filter* ,filter- mapping*,listener*,servlet*,servlet-mapping*,session-config? ,mime-mapping*,welcome-file-list?,error-page*,taglib*,resource-env-ref*, resource-ref*,security-constraint*,login-config?,security-role*,env-entr y*,ejb-ref*,ejb- local-ref*) . PARSE error at line 858 column 11 Could someone help me out on what I've done wrong??? Cheers Deric _ Un mot doux à envoyer? Une sortie ciné à organiser? Faites le en temps réel avec MSN Messenger! C'est gratuit! http://ifrance.com/_reloc/m _ Envie de discuter en live avec vos amis ? Télécharger MSN Messenger http://www.ifrance.com/_reloc/m la 1ère messagerie instantanée de France - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Forcing SSL to handle requests
On 11/18/2003 06:00 PM deric stroud wrote: Hi, I'm running a standalone Tomcat webserver 4.0.6 and am trying to force a resource on my web server to only serve a particular URL through SSL, so I've inserted the following lines in the web.xml file: Deric you have to maintain that order as well. You must have put the security constraint before or after some element which SAX is complaining about. Adam -- struts 1.1 + tomcat 5.0.12 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Forcing SSL to handle requests
Deric, PARSE error at line 858 column 11 What's on line 858 of your web.xml file? org.xml.sax.SAXParseException: The content of element type web-app must match (icon?,display-name?,description?,distributable?,context-param*,filter* ,filter- mapping*,listener*,servlet*,servlet-mapping*,session-config? ,mime-mapping*,welcome-file-list?,error-page*,taglib*,resource-env-ref*, resource-ref*,security-constraint*,login-config?,security-role*,env-entr y*,ejb-ref*,ejb- local-ref*) You've probably got an element out of order. Make sure that your security-constraint is in the right place. -chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Forcing SSL to handle requests
If you use IE, you can use a XML validator on microsoft's site: http://msdn.microsoft.com/downloads/samples/internet/xml/xml_validator/validate_js.htm -Tim Christopher Schultz wrote: Deric, PARSE error at line 858 column 11 What's on line 858 of your web.xml file? org.xml.sax.SAXParseException: The content of element type web-app must match (icon?,display-name?,description?,distributable?,context-param*,filter* ,filter- mapping*,listener*,servlet*,servlet-mapping*,session-config? ,mime-mapping*,welcome-file-list?,error-page*,taglib*,resource-env-ref*, resource-ref*,security-constraint*,login-config?,security-role*,env-entr y*,ejb-ref*,ejb- local-ref*) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
forcing SSL
I'm trying to clear one last hurdle on this whole SSL thing. How exactly do I force a certain page to require https protocol? The How-To on SSL (which I have just about memorized at this point) states... Any pages which absolutely require a secure connection should check the protocol type associated with the page request and take the appropriate action of https is not specified. Can this be done in the web.xml file or is this done within each JSP or Servlet? Is it possible to seamlessly redirect a user who requests a page through http to be switched to https without altering the source code of each page? I've scanned every e-mail on SSL on this list since November and I've seen many similar requests, but nobody has ever answered it. Weird. If somebody could point me in the right direction I would be very grateful. Regards! Aaron -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: forcing SSL
Hi, RA I'm trying to clear one last hurdle on this whole SSL thing. How RA exactly do I force a certain page to require https protocol? The How-To RA on SSL (which I have just about memorized at this point) states... RA Any pages which absolutely require a secure connection should check the RA protocol type associated with the page request and take the appropriate RA action of https is not specified. RA Can this be done in the web.xml file or is this done within each JSP or RA Servlet? Is it possible to seamlessly redirect a user who requests a RA page through http to be switched to https without altering the source RA code of each page? I've scanned every e-mail on SSL on this list since RA November and I've seen many similar requests, but nobody has ever RA answered it. Weird. If somebody could point me in the right direction RA I would be very grateful. Regards! Aaron Yes, put the following into the web-xml security-constraint part and tomcat redirects automaticly to ssl if the resource was requested. user-data-constraint transport-guarantee CONFIDENTIAL /transport-guarantee /user-data-constraint it is necessary that ssl is correctly set up in server.xml. Have a look at the HOW-To on the tomcat homepage so long Ingo Bruell --- [EMAIL PROTECTED] [EMAIL PROTECTED] ICQ# 40377720 OldenburgPGP-Fingerprint: CB01 AE12 B359 87C4 BF1C 953C 8FE7 C648 169E E5FC Germany PGP-Public-Key available at pgpkeys.mit.edu -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: forcing SSL
THANK YOU! -Original Message- From: Ingo Bruell [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 1:03 PM To: Tomcat Users List Subject: Re: forcing SSL Hi, RA I'm trying to clear one last hurdle on this whole SSL thing. How RA exactly do I force a certain page to require https protocol? The How-To RA on SSL (which I have just about memorized at this point) states... RA Any pages which absolutely require a secure connection should check the RA protocol type associated with the page request and take the appropriate RA action of https is not specified. RA Can this be done in the web.xml file or is this done within each JSP or RA Servlet? Is it possible to seamlessly redirect a user who requests a RA page through http to be switched to https without altering the source RA code of each page? I've scanned every e-mail on SSL on this list since RA November and I've seen many similar requests, but nobody has ever RA answered it. Weird. If somebody could point me in the right direction RA I would be very grateful. Regards! Aaron Yes, put the following into the web-xml security-constraint part and tomcat redirects automaticly to ssl if the resource was requested. user-data-constraint transport-guarantee CONFIDENTIAL /transport-guarantee /user-data-constraint it is necessary that ssl is correctly set up in server.xml. Have a look at the HOW-To on the tomcat homepage so long Ingo Bruell --- [EMAIL PROTECTED] [EMAIL PROTECTED] ICQ# 40377720 OldenburgPGP-Fingerprint: CB01 AE12 B359 87C4 BF1C 953C 8FE7 C648 169E E5FC Germany PGP-Public-Key available at pgpkeys.mit.edu -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]