Hello everybody! I have IIS as Web Server and Tomcat 4.x as Servlet Container (using the ISAPI filter). So all requests directed to servlets, jsp-pages, or java-technology based web sites are redirected to Tomcat 4.x from IIS. I have installed in IIS a digital certificate to support HTTPS protocol.
Let's suppose my web domain is: www.mydomain.com and that my java-technology based web site is in the /javasite folder. So to access to it in a secure way using HTPPS I must type the url: https://www.mydomanin.com/javasite/index.html First of all I would like to have a confirmation of the following thing: 1) When I send data to the url above are all of them cripted from my Web Browser and decrypted by ISS before redirecting them to Tomcat 4.x (I haven't installed the same digital certificate in Tomcat because I don't use it as a Web Server)? Then I need to know: 2)I want to protect some servlets and jsp-pages with an access login and password: So I used the BASIC authentication of Tomcat: in this way when I user try to connect to a protected servlet or jsp-page the Servlet Container Tomcat asks to the user to insert a login and a password. If the url of the servler or jsp-page he tries to connect to is https based (for example: https://www.mydomanin.com/javasite/MyServet) are both login and password crypted before sending them to Tomcat (I think that IIS should receive , decrypt and forward them to Tomcat)? I hope someone can help me. Thanks everybody in advance! Luca -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
