RE: combined http and https

Mon, 14 Jun 2004 02:02:22 -0700 

Do you have well configured Tomcat's server.xml file for SSL connections ?

For example:
<Connector port="8443" maxThreads="150"
             minSpareThreads="25" maxSpareThreads="75"
             enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" debug="0" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8"
           keystoreFile="/...../.../Tomcat's SSL File"
keystorePass="........"/>

And well generated certificate necesary for SSL ?:

1.      If you are running a 1.3 JVM, download JSSE 1.0.3 (or later) from
http://java.sun.com/products/jsse/ and either make it an installed extension
on the system, or else set an environment variable JSSE_HOME that points at
the directory into which you installed JSSE.
2.      Create a certificate keystore by executing the following command:

        Windows:%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
        Unix:$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA

        and specify a password value of "changeit".
3.      Uncomment the "SSL HTTP/1.1 Connector" entry in
$CATALINA_HOME/conf/server.xml and tweak as necessary.

And, please don't send e-mails to private address, always to Tomcat list
address.

Mariano L�pez

-----Mensaje original-----
De: Jos� Manuel Prada Sierra [mailto:[EMAIL PROTECTED]
Enviado el: viernes, 11 de junio de 2004 12:57
Para: [EMAIL PROTECTED]
Asunto: RE: combined http and https


Hi Mariano.
This is my web.xml file:

<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
    "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd";>

<web-app>
  <servlet>
    <servlet-name>webdes</servlet-name>
    <servlet-class>org.apache.turbine.Turbine</servlet-class>
    <init-param>
      <param-name>applicationRoot</param-name>
      <param-value>webContext</param-value>
    </init-param>
    <init-param>
      <param-name>properties</param-name>
      <param-value>/WEB-INF/conf/TurbineResources.properties</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <security-constraint>
     <web-resource-collection>
       <web-resource-name>SSL Pages</web-resource-name>
       <url-pattern>/templates/app/screens/secure/Index.vm</url-pattern>
     </web-resource-collection>
     <user-data-constraint>
       <transport-guarantee>CONFIDENTIAL</transport-guarantee>
     </user-data-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>templates</web-resource-name>
      <url-pattern>/templates/*</url-pattern>
   </web-resource-collection>
   <web-resource-collection>
      <web-resource-name>logs</web-resource-name>
      <url-pattern>/logs/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>admin</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Templates</realm-name>
  </login-config>
</web-app>

I have done you said, but the protocol don't change. Always http or https.
http://193.144.50.84:8080/webdes/servlet/webdes
https://193.144.50.84:8443/webdes/servlet/webdes
but never change the http to https.
I don't know that I can be wrong.
I have any error message, the protocol simply don't change and i don't know
what to do.
Thanks by your interesting.
Regards.





Hi Jos� Manuel, if you have already configured your tomcat to work with SSL
you can filter all pages you want with the following lines in web.xml
context file:

<security-constraint>
     <web-resource-collection>
       <web-resource-name>SSL Pages</web-resource-name>
       <url-pattern>/Comun/MyPage.jsp</url-pattern>
     </web-resource-collection>
     <user-data-constraint>
       <transport-guarantee>CONFIDENTIAL</transport-guarantee>
     </user-data-constraint>
</security-constraint>

You can use wildcards in <url-pattern> like '*'...

But i have a problem too, when i like to pass from http to https this work
fines, but from https to http i don't have a definitely solution yet.

Regards

Mariano L�pez

-----Mensaje original-----
De: Jos� Manuel Prada Sierra [mailto:[EMAIL PROTECTED]
Enviado el: lunes, 31 de mayo de 2004 12:57
Para: [EMAIL PROTECTED]
Asunto: combined http and https



Hi. I have an application that it was build using  tdk (turbine development
kit) and postgresql.
I have configured tomcat with http 8080 and https 8443 but i only use http
or https and i do not know how to combined both protocols. In my application
i have a section that is accesible typing login and password, but i need
that when an user link to this section, to activate the protocol https.
could somebody tell me the way to do it? Thank you.
Sorry for my english. I am a spanish.

_________________________________________________________________

_________________________________________________________________
De todo para la Mujer Latina http://latino.msn.com/mujer/


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to