When I mean the secure box, I am talking about the html directory for the secure
server which I assume also has a separate directory for the servlets under
/Jrun/jsm-default/classes/com/
Since it seems that you using a different set of directory mapping than the defaults I
would suggest the following to track the offending images/html file that are causing
the errors:
1. Fire up Netscape 4.X
2. If the framesets are being built dynamically with javascript, then go to the base
html file that calls the jsp login page. Type javascript: in the URL line and proceed
with clicking on the link in the html file that calls the jsp page. Each time that
you click on something, if a security error occurs, you should see the offending URL
of the image/html file in the javascript console.
3. If the framesets are not dynamically being built, then I would once again go to
the HTML file that calls the JSP login page. Press Control-H to get the history
window. Clear out the history. Then click on the link to the JSP login page. After
clicking on each link check that the each item's URL listed in the History page is
coming from the right source (http or https).
Hopefully this way you can track the offending URL. One other possibility is to look
at the refer/error logs in NES, or in the log files of JRun at
/JRun/jsm-default/services/jse/logs/ and /Jrun/jsm-default/logs/stderr.log to find the
file that can not be found, which is causing the security error.
Hope this helps.
>>> "Kathiresan, Vallikun" <[EMAIL PROTECTED]> 09/29 9:12 AM >>>
I greatly appreciate your response.
Yes, you are right we have framesets and when we are about to view the
framesets we get this message. When you say secure box I assume you are
talking about the https directory. All our image files, html files and
servlets are below this directory. So I assume then they should be from a
secure server.
Am I right? Do you have any suggestions?
Thanks
-----Original Message-----
From: Alex P Deller [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 29, 1999 9:52 AM
To: [EMAIL PROTECTED]
Subject: Re: Please Help us out: HELP on SECURITY
Are you using framesets?
If so, this can cause all sorts of warning messages. What usually happens
is that one frame is from an unsecure server and the other frames/frameset
is from the secure server. In order to get rid of the warning errors you
need to have all of the frames/frameset from the secure box.
One other possibility that causes these errors is that on a secure page you
are calling an image from the unsecure server, and this is what it is
complaining about. Simply copy and call the image from the secure server
for the secure image. Or you could leave the image on the unsecure server,
but have an URL re-direct for the images directory from the unsecure to the
secure directory via NES.
>>> "Kathiresan, Vallikun" <[EMAIL PROTECTED]> 09/29 8:29 AM >>>
We are using Netscape Enterprise Server 3.5.1 w/JRUN for a JavaServlet
application. We have a digital certificate for our website. When the user
logs in, they are presented with a web page that contains a form
w/ACTION="/servlet/NewCaseReportHandler". When the form is submitted under
IE, we get the following security Alert: "the web page you are about to view
has non secure items or the issuer of the certificate is unknown. Do you
wish to continue?"
We purchased our certificate from VERISIGN.
CAN ANYONE PLEASE HELP US OUT? Is it something to do with JRUN&Javaservlets.
Please respond via email : [EMAIL PROTECTED]
ANY HELP GREATLY APPRECIATED.
THANKS
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
