session variable returns null in non-SSL page
I am transporting the one webapp which was running on IIS+Tomcat3.x to Tomcat4.1.24. I have used SSL session using HTTPS for login and some user specific jsp pages. I maintains session using HttpSession. there are some non-SSL HTTP pages where i access session variables. I am getting the session variable which i set in login page after successful login as null. This is happening in Tomcat4.1.24 version. I t was working fine with Tomcat3.2 version. can anybody suggest me some solution. thanks in advance -manjunath - Do you Yahoo!? Free online calendar with sync to Outlook(TM). === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant archives, FAQs and Forums on JSPs can be found at: http://java.sun.com/products/jsp http://archives.java.sun.com/jsp-interest.html http://forums.java.sun.com http://www.jspinsider.com
Re: Non-SSL pages returns session attribute as null
I had the same problem with tomcat 4.1.12 + SunOne and I solved with tomcat 4.1.18. This version solves problems like that. -Mensaje original- De: Manjunath Bhat [mailto:[EMAIL PROTECTED]] Enviado el: viernes, 21 de febrero de 2003 6:17 Para: [EMAIL PROTECTED] Asunto: Non-SSL pages returns session attribute as null Hi My web application has both HTTP and HTTPS jsp pages. I create session in HTTPS page. and use the same throughout. But i have come across strange problem in Tomcat4.0. When i try to access session attribute in HTTP page , it returns null and the user will be logged off. This behavior was not there in Tomacat3.x . My environment is Win2k, IIS+Tomcat4.0 Can any one help me out. thanks in advance manjunath Missed your favourite TV serial last night? Try the new, Yahoo! TV. visit http://in.tv.yahoo.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant archives, FAQs and Forums on JSPs can be found at: http://java.sun.com/products/jsp http://archives.java.sun.com/jsp-interest.html http://forums.java.sun.com http://www.jspinsider.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant archives, FAQs and Forums on JSPs can be found at: http://java.sun.com/products/jsp http://archives.java.sun.com/jsp-interest.html http://forums.java.sun.com http://www.jspinsider.com
Non-SSL pages returns session attribute as null
Hi My web application has both HTTP and HTTPS jsp pages. I create session in HTTPS page. and use the same throughout. But i have come across strange problem in Tomcat4.0. When i try to access session attribute in HTTP page , it returns null and the user will be logged off. This behavior was not there in Tomacat3.x . My environment is Win2k, IIS+Tomcat4.0 Can any one help me out. thanks in advance manjunath Missed your favourite TV serial last night? Try the new, Yahoo! TV. visit http://in.tv.yahoo.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant archives, FAQs and Forums on JSPs can be found at: http://java.sun.com/products/jsp http://archives.java.sun.com/jsp-interest.html http://forums.java.sun.com http://www.jspinsider.com
JDBCRealm with Digest and SSL Problem!
Hi all, I am trying to use JDBCRealm with Digest combination in a SSL based web page. But it doesn't seem to work! My server.xml is Context path=/misc docBase=d:/eclipse/workspace/MiscTests/deploy debug=99 reloadable=true crossContext=true Realm className=org.apache.catalina.realm.JDBCRealm driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql://localhost:3306/privlgs?user=daniel;password= daniel userTable=users userNameCol=x_user_name userCredCol=x_password userRoleTable=user_roles roleNameCol=x_role/ /Context My web.xml is security-constraint web-resource-collection web-resource-nameSecure Directories/web-resource-name url-pattern/subtest/*/url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection auth-constraint role-nameadmin/role-name /auth-constraint user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint login-config auth-methodDIGEST/auth-method realm-namejdbcRealm/realm-name /login-config I created the password as suggested in Tomcat Docs java org.apache.catalina.realm.RealmBase -a MD5 tom tom:aa47f8215c6f30a0dcdb2a36a9f4168e Database privlgs After this, I have these values in the database: (in table users) x_user_name x_password tomaa47f8215c6f30a0dcdb2a36a9f4168e (in table user_roles) x_user_name x_role tom admin When I browse that page I am prompted with the dialog box but if type the user name as tom and password as aa47f8215c6f30a0dcdb2a36a9f4168e I am unable to login. Any advice on this is appreciated.. Thanks in advance, Daniel.E === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
JDBCRealm with Digest + SSL
Hi all, I am trying to use JDBCRealm with Digest combination in a SSL based web page. But it doesn't seem to work! My server.xml is Context path=/misc docBase=d:/eclipse/workspace/MiscTests/deploy debug=99 reloadable=true crossContext=true Realm className=org.apache.catalina.realm.JDBCRealm driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql://localhost:3306/privlgs?user=daniel;password= daniel userTable=users userNameCol=x_user_name userCredCol=x_password userRoleTable=roles roleNameCol=x_role/ /Context My web.xml is security-constraint web-resource-collection web-resource-nameSecure Directories/web-resource-name url-pattern/subtest/*/url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection auth-constraint role-nameadmin/role-name /auth-constraint user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint login-config auth-methodDIGEST/auth-method realm-namejdbcRealm/realm-name /login-config I created the password as suggested in Tomcat Docs java org.apache.catalina.realm.RealmBase -a MD5 tom tom:aa47f8215c6f30a0dcdb2a36a9f4168e Database privlgs After this, I have these values in the database: (in table users) x_user_name x_password tomaa47f8215c6f30a0dcdb2a36a9f4168e (in table user_roles) x_user_name x_role tom admin When I browse that page I am prompted with the dialog box but if type the user name as tom and password as aa47f8215c6f30a0dcdb2a36a9f4168e I am unable to login. Any suggestion is appreciated.. Thanks in advance, Daniel.E === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
JDBCRealm with Digest and SSL
(Sorry Previous mail my table name was misspelled) Hi all, I am trying to use JDBCRealm with Digest combination in a SSL based web page. But it doesn't seem to work! My server.xml is Context path=/misc docBase=d:/eclipse/workspace/MiscTests/deploy debug=99 reloadable=true crossContext=true Realm className=org.apache.catalina.realm.JDBCRealm driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql://localhost:3306/privlgs?user=daniel;password= daniel userTable=users userNameCol=x_user_name userCredCol=x_password userRoleTable=user_roles roleNameCol=x_role/ /Context My web.xml is security-constraint web-resource-collection web-resource-nameSecure Directories/web-resource-name url-pattern/subtest/*/url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection auth-constraint role-nameadmin/role-name /auth-constraint user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint login-config auth-methodDIGEST/auth-method realm-namejdbcRealm/realm-name /login-config I created the password as suggested in Tomcat Docs java org.apache.catalina.realm.RealmBase -a MD5 tom tom:aa47f8215c6f30a0dcdb2a36a9f4168e Database privlgs After this, I have these values in the database: (in table users) x_user_name x_password tomaa47f8215c6f30a0dcdb2a36a9f4168e (in table user_roles) x_user_name x_role tom admin When I browse that page I am prompted with the dialog box but if type the user name as tom and password as aa47f8215c6f30a0dcdb2a36a9f4168e I am unable to login. Any suggestion is appreciated.. Thanks in advance, Daniel.E === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
SSL Detection
Does anyone know how to detect to see if a user has the correct version of ssl encryption on their web broswer? Thanks, appreciate any feedback. sajag === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Re: Tomcat SSL
Thank you so much, Vikram! I really appreciate your quick response. Fer- - Original Message - From: Vikramjit Singh [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, October 28, 2002 1:02 AM Subject: Re: Tomcat SSL -Original Message- From: Fernando Barsoba (pradaUSA) [mailto:fbarsoba;PRADAUSA.COM] Sent: Sunday, October 27, 2002 9:50 PM To: [EMAIL PROTECTED] Subject: Tomcat SSL I was able to set up SSL with Tomcat successfully. Now, the problem is that the whole web site is now SSL enabled. What if I only want certain Context to be SSL enabled. Is that possible with Tomcat? In your web.xml you can specify which URLs require SSL as follows: !-- URLs of the form http://host/webAppPrefix/ssl/blah require SSL and are thus redirected to https://host/webAppPrefix/ssl/blah. -- security-constraint web-resource-collection web-resource-namePurchase/web-resource-name url-pattern/ssl/*/url-pattern /web-resource-collection auth-constraint role-nameregistered-user/role-name /auth-constraint user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint The role-name is defined in $CATALINA_HOME/conf/tomcat-users.xml file. Hope that helps. Thank you, Fer- Vikram. == To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com Disclaimer: This e-mail message along with any attachments is intended only for the addressee and may contain confidential and privileged information of GTL Limited. If the reader of this message is not the intended recipient, you are notified that any dissemination, distribution or copy of this communication is strictly prohibited. If you have received this message by error, please notify us immediately, return the original mail to the sender and delete the message from your system. === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Tomcat SSL
I was able to set up SSL with Tomcat successfully. Now, the problem is that the whole web site is now SSL enabled. What if I only want certain Context to be SSL enabled. Is that possible with Tomcat? Thank you, Fer- ==To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Re: Tomcat SSL
-Original Message- From: Fernando Barsoba (pradaUSA) [mailto:fbarsoba;PRADAUSA.COM] Sent: Sunday, October 27, 2002 9:50 PM To: [EMAIL PROTECTED] Subject: Tomcat SSL I was able to set up SSL with Tomcat successfully. Now, the problem is that the whole web site is now SSL enabled. What if I only want certain Context to be SSL enabled. Is that possible with Tomcat? In your web.xml you can specify which URLs require SSL as follows: !-- URLs of the form http://host/webAppPrefix/ssl/blah require SSL and are thus redirected to https://host/webAppPrefix/ssl/blah. -- security-constraint web-resource-collection web-resource-namePurchase/web-resource-name url-pattern/ssl/*/url-pattern /web-resource-collection auth-constraint role-nameregistered-user/role-name /auth-constraint user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint The role-name is defined in $CATALINA_HOME/conf/tomcat-users.xml file. Hope that helps. Thank you, Fer- Vikram. == To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com Disclaimer: This e-mail message along with any attachments is intended only for the addressee and may contain confidential and privileged information of GTL Limited. If the reader of this message is not the intended recipient, you are notified that any dissemination, distribution or copy of this communication is strictly prohibited. If you have received this message by error, please notify us immediately, return the original mail to the sender and delete the message from your system. === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Need Some Document on Implementing SSL in Tomcat
Hi, Can any send me a doc on how to implement SSL in Tomcat. Pls dont give me the URL, since i dont have net connection to browse. thanks regards vijayanand.R (),,,() ( (. .) .-''-. (o ) ) ('o' ) =(,,)=(,,)==(,,)==(,,)= ==To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
SSL in Tomcat
hi, sorry for this off the list topic but i really need some idea. when i created my self-signed certificate using keytool to make SSL available in Tomcat i specify in my certificate information ex. keytool -genkey -dname CN=Mark Smith, OU=JavaSoft, O=Sun, L=Cupertino, S=California, C=US -alias mark but when i access my webserver both through browser and java application by using https://carnelian:8443/testApp; i got and exception which says that HTTPS hostname is wrong or certificate is not the same as site name. so i change the CN key equal to my hostname (ex.Carnelian), now it works...why is this? keytool docs says that CN could be any valid full name...just like the example above when i use Mark Smith. is there a way i can specify the certificate information using the full name instead of the web server hostname?and access it using https without getting an exception. i'm using Apache Tomcat 4.0, JSSE1.0.3, JDK1.3.1 thanks in advance randie === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Re: SSL in Tomcat
I think that the common name (CN) is the name of the secure server in which you are going to install the certificate, is a very common misunderstanding, at least, that was what I read at the versisgn site when I was trying to obtain a trial certificate. I hope this help. Luis randie ursal wrote: hi, sorry for this off the list topic but i really need some idea. when i created my self-signed certificate using keytool to make SSL available in Tomcat i specify in my certificate information ex. keytool -genkey -dname CN=Mark Smith, OU=JavaSoft, O=Sun, L=Cupertino, S=California, C=US -alias mark but when i access my webserver both through browser and java application by using https://carnelian:8443/testApp; i got and exception which says that HTTPS hostname is wrong or certificate is not the same as site name. so i change the CN key equal to my hostname (ex.Carnelian), now it works...why is this? keytool docs says that CN could be any valid full name...just like the example above when i use Mark Smith. is there a way i can specify the certificate information using the full name instead of the web server hostname?and access it using https without getting an exception. i'm using Apache Tomcat 4.0, JSSE1.0.3, JDK1.3.1 thanks in advance randie === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Re: SSL in Tomcat
hi keytool is for generating cetificates.. you can give any name you want thatz nothing to do with the server. But if you install the cetificate in tomcat4.0 and access it , obviously it will throw an error saying that the certificate name and host name are not same. The name of the certificate and the host name must match... you can't use any other name... bcoz the certificate is issued to that site so it should match other wise it is not a valid certifiate.. If i was wrong plz correct me hth phani - Original Message - From: Luis Cornide Arce [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, September 03, 2002 2:38 PM Subject: Re: SSL in Tomcat I think that the common name (CN) is the name of the secure server in which you are going to install the certificate, is a very common misunderstanding, at least, that was what I read at the versisgn site when I was trying to obtain a trial certificate. I hope this help. Luis randie ursal wrote: hi, sorry for this off the list topic but i really need some idea. when i created my self-signed certificate using keytool to make SSL available in Tomcat i specify in my certificate information ex. keytool -genkey -dname CN=Mark Smith, OU=JavaSoft, O=Sun, L=Cupertino, S=California, C=US -alias mark but when i access my webserver both through browser and java application by using https://carnelian:8443/testApp; i got and exception which says that HTTPS hostname is wrong or certificate is not the same as site name. so i change the CN key equal to my hostname (ex.Carnelian), now it works...why is this? keytool docs says that CN could be any valid full name...just like the example above when i use Mark Smith. is there a way i can specify the certificate information using the full name instead of the web server hostname?and access it using https without getting an exception. i'm using Apache Tomcat 4.0, JSSE1.0.3, JDK1.3.1 thanks in advance randie === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
SSL in a jsp application
Hi all, I want to secure its application via the use of client certificates. The end-user would configure a client certificate on its browser, and would then initiate an SSL session with the Web server. Does anyone how, or has any code example of how to retrieve the SSL certificate information from a JSP application is to retrieve an java.security.cert.X509Certificate? Thanks Ash === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
SSL, help
Anybody can tell me how to enable ssl in tomcat. When a https communication comes from apache a MalFormedUrlException is thorwed by tomcat when try to invocate servlet. thanks.
Re: SSL, help
Here's a great JavaWorld article on how to use https in your client code: http://www.javaworld.com/javaworld/javatips/jw-javatip96.html You need to have JSSE (Java Secure Sockets Extension) to construct a URL object with HTTPS as the protocol. Justy - Original Message - From: chepa [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, December 18, 2001 9:17 AM Subject: SSL, help Anybody can tell me how to enable ssl in tomcat. When a https communication comes from apache a MalFormedUrlException is thorwed by tomcat when try to invocate servlet. thanks. === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Re: SSL, help
thanks for your help - Original Message - From: horwat [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, December 18, 2001 4:29 PM Subject: Re: SSL, help Here's a great JavaWorld article on how to use https in your client code: http://www.javaworld.com/javaworld/javatips/jw-javatip96.html You need to have JSSE (Java Secure Sockets Extension) to construct a URL object with HTTPS as the protocol. Justy - Original Message - From: chepa [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, December 18, 2001 9:17 AM Subject: SSL, help Anybody can tell me how to enable ssl in tomcat. When a https communication comes from apache a MalFormedUrlException is thorwed by tomcat when try to invocate servlet. thanks. === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
SSL
Hi All: How do I make a web application running on the websphere application server as a SSL enabled one? Actually we are using IIS as the web server. Thanks Venkat === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Re: SSL
In the IIS manager , there is an option to change the port number. Change it to 443 VENKATACHALAPATHY Duraiswamy [EMAIL PROTECTED] on 10/30/2001 07:36:04 AM Please respond to A mailing list about Java Server Pages specification and reference [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Santosh Daryani/IT/Aon Consulting) Subject: SSL Hi All: How do I make a web application running on the websphere application server as a SSL enabled one? Actually we are using IIS as the web server. Thanks Venkat === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Re: SSL
Here's the websphere guide on how to set up the server for SSL: http://www-4.ibm.com/software/webservers/appserv/doc/v40/ae/infocenter/was/0 6061801a07.html Here's a link to JSSE, the framework and an implementation of a Java version of the SSL and TLS protocols and includes functionality for data encryption, server authentication, message integrity, and optional client authentication. http://java.sun.com/j2se/1.4/docs/guide/security/jsse/JSSERefGuide.html Justy - Original Message - From: VENKATACHALAPATHY Duraiswamy [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, October 30, 2001 4:36 AM Subject: SSL Hi All: How do I make a web application running on the websphere application server as a SSL enabled one? Actually we are using IIS as the web server. Thanks Venkat === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
Re: Offtopic: Direct SSL on Tomcat
Hi, I had the same problem. Edit server.xml file and change port to 443 and then use just https://localhost. Part of the server.xml file: Connector className=org.apache.tomcat.service.PoolTcpConnector Parameter name=handler value=org.apache.tomcat.service.http.HttpConnectionHandler/ !-- Original Parameter name=port value=8443/ -- Parameter name=port value=443/ Parameter name=socketFactory value=org.apache.tomcat.net.SSLSocketFactory / /Connector I want to set up SSL on Tomcat without using Apache. For this, I have followed the steps outlined in the tomcat tutorial. Added SSL Jars to JAVA_HOME/JRE/lib/ext and TOMCAT_HOME/lib. I generated a new certificate using keytool -genkey. Uncommented the SSL lines in server.xml. Now, when I start Tomcat, the SSL sockets start but when I type https://localhost:8443/ the browser keeps on waiting but nothing comes. Do I have to install my applications on SSL again in some otherway or will the same content that is available at http://localhost will be automatically available on https as well? Yours, Niko Luojumäki ZenPark Software === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL
Not sure if this is the right place to ask but . . . I am running orion (oc4j) with SSL I want to display image files to the browser without having to go through IIS. Does anyone know of any good TIF Image Servlets that will let me display images without having to start IIS? Also, is it possible to create virtual directories like you can in IIS? Thanks === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
ssl and jsp
Hi, I am not sure that the JSP mailing list is the rigth place for my question however I did not find a better one. Where can I get information on the function : get_auth_user_ssl ? We use IPlanet Entreprise Server and Directory Server to configure an https web site with strong authentication (server AND client are authenticated with certificate) We get an error and I did not find any information on the IPlanet web site, in the Directory Server documentation, in the Planet Entreprise Server Documentation in the IPlanet FAQS, in the IPlanet developers resources and to access to the IPlanet newsgroup you have to get a specific subscription (funny no ?) ... If an employee from Nescape reads this message, maybe could he understand how to correct my problem. The full error message is : get_auth_user_ssl unable to map cert to LDAP entry. Reason: User's LDAP entry doesn't have any certificates to compare, Issuer: CN=Certificate Manager, OU=authority, O=Police, L=Paris, ST=France, C=FR, User: [EMAIL PROTECTED], CN=Gunter Philips, UID=Philips, OU=Production, O=mreted.com Bernard Granier Mr Ted 115 rue du Fbg Poissonniere 75009 Paris www.MrTed.com Tel : 33 1 55 31 02 65 mail : [EMAIL PROTECTED] === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL in Websphere
Hi All: How do I incorporate SSL in an application which is deployed in Websphere application server? Thanks Venkat === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
How to install SSL onto Tomcat?
Hi, Does anyone know a quick,easy way to install SSL onto TOMCAT or if they know a web site that explains it clearly and well. Somebody told me I might have to integrate Tomcat with Apache web server and then put SSL on. Is this true? Any help on the topic is welcomed. thanks Rui = If a rabbit's foot is so lucky,. what happened to the rabbit? __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: How to install SSL onto Tomcat?
Please checkout the tomcat mailing list. And check the archives first, this is a VERY COMMON question that is answered there many times over. See http://mikal.org/interests/java/tomcat/index.jsp -Original Message- From: Ruaidhrí Fernandes [mailto:[EMAIL PROTECTED]] Sent: Friday, May 25, 2001 4:10 PM To: [EMAIL PROTECTED] Subject: How to install SSL onto Tomcat? Hi, Does anyone know a quick,easy way to install SSL onto TOMCAT or if they know a web site that explains it clearly and well. Somebody told me I might have to integrate Tomcat with Apache web server and then put SSL on. Is this true? Any help on the topic is welcomed. thanks Rui = If a rabbit's foot is so lucky,. what happened to the rabbit? __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST. For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST. Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: ssl
I want to set my tomcat to use ssl. please tell me about this by detail. thank you very much. My environment : win2000 server,tomcat 3.2.1 --- Yutthachai Akesirasuwan [EMAIL PROTECTED] wrote: I want to set my tomcat to use ssl. please tell me about this by detail. thank you very much. __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
ssl
I want to set my tomcat to use ssl. please tell me about this by detail. thank you very much. __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: ssl
you can read in tomcat's [doc] folder, file : tomcat-ssl-howto.html - Original Message - From: Yutthachai Akesirasuwan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, April 19, 2001 9:34 PM Subject: ssl I want to set my tomcat to use ssl. please tell me about this by detail. thank you very much. __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Problem with URL Rewritting and SSL
Not too sure if i sent this, but I'll resend it. Hi, Has anyone encountered a problem with the URL Rewriting via an SSL Session where Cookies are disabled? I'm running Apache 1.3.17 with Mod SSL 2.8.0, and Tomcat 3.2.1 I think there appears to be a bug in the HttpServletResponse.encodeURL() method, the URL rewriting works perfect on Netscape and IE browsers through a non SSL Session and with Cookies Disabled. However, when going through SSL the encodeURL method does not seem to pick up that cookies are disabled and thus does not pass the Session ID through. I'm running this URL rewriting through a JSP tag, so an easy work around for me is to put a wrapper around this encodeURL method, but I'm just wondering if any one else has encountered this issue. Regards, Adrian === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Redirecting from SSL to non-SSL in JSP
Hello, I'm doing JSP and I need to be able to redirect the user from an SSL site to a non-SSL site. For example: I have a page that requires a login, but does not really need to be SSL encrypted. So if they click on this page, they are redirected (using response.sendRedirect()) to a login page which is SSL. After logging in, I want to send them back to the page they were originally trying to get to (which is not SSL). But when I use response.sendRedirect(), both IE and Netscape prompt with a warning that they are being redirected to an insecure document. Has anyone encountered this problem? How do you handle redirecting the user from SSL to non-SSL? Thanks, Neil === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
releasing the SSL connection
hi, I have a servlet running IN WAS3.5 which perform an change password operation to the Active Directory with SSL-128bit. but I just can change the password one time only, and for the subsequent change password operation, I need to down and up the 'default server' or the WAS3.5. I wonder what had happened? I was wonder the environment of the SSL enstablishment is still active, and I cannot establish the another environment again. This problem only happened when I'm establishing the SSL to the Ldap server. anyone any idea? much appreciate. best regards tihoe === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL problem
I'm using NT4. I have the IBM HTTP Server (which is Apache) and Tomcat 1.3 that are linked together via ApacheModuleJServ.dll. I also have an html form whose action is a servlet with a doPost method that validates and then stores a registration form. The trouble is I want all of this to use SSL. All is well up until the point when the form is posted to the apache web server. The link specifies HTTPS, but the browser is swift to inform me that I am about to leave the secure area and that it is about to use plain HTTP for the POST. If I replace the action with say a link to an html page it does not leave the SSL connection so I can only imagine that the browser has realised that it is about to speak to tomcat and not apache and so must revert to HTTP, but I am really not sure. Has anybody succeeded in doing something similar? Thanks in advance. Daryl Johnson. www.firstpay.co.uk === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL prob
.\.\.\.\.\.\. I'm using NT4. I have the IBM HTTP Server (which is Apache) and Tomcat 1.3 that are linked together via ApacheModuleJServ.dll. I also have an html form whose action is a servlet with a doPost method that validates and then stores a registration form. The trouble is I want all of this to use SSL. All is well up until the point when the form is posted to the apache web server. The link specifies HTTPS, but the browser is swift to inform me that I am about to leave the secure area and that it is about to use plain HTTP for the POST. If I replace the action with say a link to an html page it does not leave the SSL connection so I can only imagine that the browser has realised that it is about to speak to tomcat and not apache and so must revert to HTTP, but I am really not sure. Has anybody succeeded in doing something similar? hello this message is very different to the previous one server! Thanks in advance. Daryl Johnson. www.firstpay.co.uk === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: SSL prob
Hi, I haven't used SSL, but i think the problem lies with tomcat and not Apache. To be more specific the Apache to Tomcat communication link ie 'ApacheModuleJserv.dll'. I have read in the Tomcat docs that to use SSL under Apache-Tomcat configuration it is better to use 'mod_jk' as the adapter (dll file). U can get mod_jk from the binaries or sources folder of tomcat. Regards, John === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: SSL
Can you send me and example configuration file on making mod_jserv work with Apache -- with JSP and Servlets working. -- Antonio W. Lagnada Ecommerce Consultant [EMAIL PROTECTED] This email address is specifically for JSP-Interest email list. Remove _NOSPAM for the actual email. "Murphy, Chris (OTS-EDH)" [EMAIL PROTECTED] wrote: I was able to make mine work. Here's the concoction: OS = Linux 6.2 WebServer = Apache 3.1.14 SSL = modssl, openssl (latest, or just match the minor version on apache) JSP Container = Tomcat 3.2 I have a mod_jserv in the apache configuration that allows me to dangle my web-apps off my main url like so: http://www.techrev.net/salestitan/_catalog.jsp?store_id=1 With the above configuration, I can now access it securely: https://www.techrev.net/salestitan/_catalog.jsp?store_id=1 -CM -Original Message- From: Antonio W. Lagnada [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 09, 2000 3:20 PM To: [EMAIL PROTECTED] Subject: SSL Does anyone know of any JSP/Servlet server that will work with SSL? -- Antonio W. Lagnada Ecommerce Consultant [EMAIL PROTECTED] This email address is specifically for JSP-Interest email list. Remove _NOSPAM for the actual email. ___ To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, all in one place - sign up today at http://www.zdnetonebox.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets ___ To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, all in one place - sign up today at http://www.zdnetonebox.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Away from topic: SSL and Encryption
Hi, I have a quick question:- I have a browser window which is running in SSL with 128 bit encryption. If I look at the properties of this window there is a heading Connection and it describes the SSL Encryption. From the browser window I have a continue type button which pops up a new window. My problem is before the new window opens a browser alert appears warning that 'You are leaving a secure connection'. Then another message appears saying your are entering a secure connection. My thoughts are that the somehow the webserver is using a different connection for the pop up. Also whent he pop up window opens, if I look at its properties it says the connection is :- Encryption . Unlike the main window which describes ssl etc. Have any of you seen this, or do any of you have any ideas as to where I should look ? Thanks for your time and have a good weekend. Andy Silvey. -Original Message- From: Sylvain Roche [mailto:[EMAIL PROTECTED]] Sent: Freitag, 17. November 2000 11:04 To: [EMAIL PROTECTED] Subject: Re: 600MHz celeron laptop, good enough for webservers? This is clearly enough to run weblogic. It will work. I have it on a 550 celeron with 64mb ram, and win98 (off course, not nt). And page generation will be reasonably long. But you won't be able to developp on this machine, because in this configuration (win 98, weblogic server + console, pws, access database used by the application, some ejb and servlets) the memory allocated reachs more than 160 mb. We use this box here only for demonstration purpose. Don't even think of starting jbuilder or forte. I think 128 mb would be a good starting point, and if you are to developp on that machine, you should consider more Best regards Sylvain -Message d'origine- De : Adrian Papari [EMAIL PROTECTED] À : [EMAIL PROTECTED] [EMAIL PROTECTED] Date : vendredi 17 novembre 2000 10:41 Objet : Re: 600MHz celeron laptop, good enough for webservers? *phew* if you're REALLY REALLY patient i suppose it'd suffice; but if i were you, i'd sacrifice speed fill it wirh ram; 128 min if you're going to run nt. 192 or 256 would give you a lot more performance though; especially if you're going to run a DB on it too. before you purchase any computer, i suggest you find a machine equipped with 64mb ram % try setting up your working environment; don't get surprised if it crashes every now then. mem consumption: Microsoft outlook: ca. 10-13 MB J++: 15-30 MB IE: 13 MB SQL db: a lot Java RE: 5-15 MB NT: ca. too much (my point being, if not already clear enough, 64 mb won't be enough ;)) good luck finding a suitable computer; cheers; //adrian. -Original Message- From: A mailing list about Java Server Pages specification and reference [mailto:[EMAIL PROTECTED]]On Behalf Of vikram chandna Sent: 17 November 2000 09:49 To: [EMAIL PROTECTED] Subject: 600MHz celeron laptop, good enough for webservers? Hi Friends, For my practice I want to get a laptop and I am getting in my budget a 600 MHz celeron with 64 Mb RAM. Ab initio I just want to run Tomcat and later perhaps weblogic server to move onto ejb. Obviously NT would be needed to run on it.I want to know would the given config suffice for me or do I need something else? Regards, Vikram ___ Free Unlimited Internet Access! Try it now! http://www.zdnet.com/downloads/altavista/index.html ___ === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/f
Re: SSL
I was able to make mine work. Here's the concoction: OS = Linux 6.2 WebServer = Apache 3.1.14 SSL = modssl, openssl (latest, or just match the minor version on apache) JSP Container = Tomcat 3.2 I have a mod_jserv in the apache configuration that allows me to dangle my web-apps off my main url like so: http://www.techrev.net/salestitan/_catalog.jsp?store_id=1 With the above configuration, I can now access it securely: https://www.techrev.net/salestitan/_catalog.jsp?store_id=1 -CM -Original Message- From: Antonio W. Lagnada [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 09, 2000 3:20 PM To: [EMAIL PROTECTED] Subject: SSL Does anyone know of any JSP/Servlet server that will work with SSL? -- Antonio W. Lagnada Ecommerce Consultant [EMAIL PROTECTED] This email address is specifically for JSP-Interest email list. Remove _NOSPAM for the actual email. ___ To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, all in one place - sign up today at http://www.zdnetonebox.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: SSL
u absolutly right Doug, SSL must be handled by Web Server Greetings MD -- Sent through GMX FreeMail - http://www.gmx.net === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL
Does anyone know of any JSP/Servlet server that will work with SSL? -- Antonio W. Lagnada Ecommerce Consultant [EMAIL PROTECTED] This email address is specifically for JSP-Interest email list. Remove _NOSPAM for the actual email. ___ To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, all in one place - sign up today at http://www.zdnetonebox.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: SSL
Not sure what you meanSSL will work with all the JSP/Servlet engines. That is a dependency on the Web Server. "Antonio W. Lagnada" [EMAIL PROTECTED] on 11/09/2000 03:20:29 PM Please respond to A mailing list about Java Server Pages specification and reference [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Douglas Wong/CDS/CG/CAPITAL) Subject: SSL Does anyone know of any JSP/Servlet server that will work with SSL? -- Antonio W. Lagnada Ecommerce Consultant [EMAIL PROTECTED] This email address is specifically for JSP-Interest email list. Remove _NOSPAM for the actual email. ___ To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, all in one place - sign up today at http://www.zdnetonebox.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: SSL
Hi, thanks for the answer. Andy Silvey. -Original Message- From: Bolt, Dave [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 7:22 PM To: [EMAIL PROTECTED] Subject: Re: SSL I know it is possible for a web server to serve secure and insecure content on the same page. For example, the online site for my financial institution causes IE 5.5 to warn me that the site contains SSL and unsecure content. Some secure sites opt to do this mixed security model because they don't want the overhead of sending an image via HTTPS. So in short, I think you can do it. Your users may get weird security warnings from the browser due to the mixed content. If performance is an issue you might want to look into some of the hardware-based SSL accelerators on the market. Supposedly they are faster than software-based SSL. Good luck Dave Bolt ATSC/SPAWAR ASAT Team Bolt's Law of Bandwidth - There is always plenty of network bandwidth, just none for you. -Original Message- From: Silvey, Andrew [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 1:12 PM To: [EMAIL PROTECTED] Subject: SSL Hi, this question may be considered off topic, so please do not read this if you take offence at postings which are not 100% java related. Does anybody know if it is possible to have a session in a browser with one frame connected to one unsecure URL and another frame connected to a secure SSL URL. Another way to describe this, is it possible to have a browser open with a page displayed. The page is broken into two frames. The first frame contains content which is derived from a URL which is http. The second frame contains content which is derived from a URL which is https. I suppose another question is, is it possible to have two frames connected to different URLS from the same browser session ? Thanks for your time. Andy Silvey. === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: SSL
Hi, thanks for the answer. Andy Silvey. -Original Message- From: Doug W [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 7:51 PM To: [EMAIL PROTECTED] Subject: Re: SSL You can do this, but you will get an error in your browser saying that parts of your site are coming from an unsecure server. Doug "Silvey, Andrew" [EMAIL PROTECTED] on 09/27/2000 10:11:31 AM Please respond to A mailing list about Java Server Pages specification and reference [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Douglas Wong/CDS/CG/CAPITAL) Subject: SSL Hi, this question may be considered off topic, so please do not read this if you take offence at postings which are not 100% java related. Does anybody know if it is possible to have a session in a browser with one frame connected to one unsecure URL and another frame connected to a secure SSL URL. Another way to describe this, is it possible to have a browser open with a page displayed. The page is broken into two frames. The first frame contains content which is derived from a URL which is http. The second frame contains content which is derived from a URL which is https. I suppose another question is, is it possible to have two frames connected to different URLS from the same browser session ? Thanks for your time. Andy Silvey. === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL
Hi, this question may be considered off topic, so please do not read this if you take offence at postings which are not 100% java related. Does anybody know if it is possible to have a session in a browser with one frame connected to one unsecure URL and another frame connected to a secure SSL URL. Another way to describe this, is it possible to have a browser open with a page displayed. The page is broken into two frames. The first frame contains content which is derived from a URL which is http. The second frame contains content which is derived from a URL which is https. I suppose another question is, is it possible to have two frames connected to different URLS from the same browser session ? Thanks for your time. Andy Silvey. === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: SSL
I know it is possible for a web server to serve secure and insecure content on the same page. For example, the online site for my financial institution causes IE 5.5 to warn me that the site contains SSL and unsecure content. Some secure sites opt to do this mixed security model because they don't want the overhead of sending an image via HTTPS. So in short, I think you can do it. Your users may get weird security warnings from the browser due to the mixed content. If performance is an issue you might want to look into some of the hardware-based SSL accelerators on the market. Supposedly they are faster than software-based SSL. Good luck Dave Bolt ATSC/SPAWAR ASAT Team Bolt's Law of Bandwidth - There is always plenty of network bandwidth, just none for you. -Original Message- From: Silvey, Andrew [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 1:12 PM To: [EMAIL PROTECTED] Subject: SSL Hi, this question may be considered off topic, so please do not read this if you take offence at postings which are not 100% java related. Does anybody know if it is possible to have a session in a browser with one frame connected to one unsecure URL and another frame connected to a secure SSL URL. Another way to describe this, is it possible to have a browser open with a page displayed. The page is broken into two frames. The first frame contains content which is derived from a URL which is http. The second frame contains content which is derived from a URL which is https. I suppose another question is, is it possible to have two frames connected to different URLS from the same browser session ? Thanks for your time. Andy Silvey. === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: SSL
You can do this, but you will get an error in your browser saying that parts of your site are coming from an unsecure server. Doug "Silvey, Andrew" [EMAIL PROTECTED] on 09/27/2000 10:11:31 AM Please respond to A mailing list about Java Server Pages specification and reference [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc:(bcc: Douglas Wong/CDS/CG/CAPITAL) Subject: SSL Hi, this question may be considered off topic, so please do not read this if you take offence at postings which are not 100% java related. Does anybody know if it is possible to have a session in a browser with one frame connected to one unsecure URL and another frame connected to a secure SSL URL. Another way to describe this, is it possible to have a browser open with a page displayed. The page is broken into two frames. The first frame contains content which is derived from a URL which is http. The second frame contains content which is derived from a URL which is https. I suppose another question is, is it possible to have two frames connected to different URLS from the same browser session ? Thanks for your time. Andy Silvey. === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL and Non SSL
Hi Has anybody configure Jrun 2.3 to run Servlet and JSP in SSL and non SSL environment Currently I have problem to access servlet in HTTP after SSL installation. My environment is Jrun 2.3 and IIS 4.0 Thanks for your help in advance Best regards Tandil === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Where can I find a useful document about SSL Connection
I want to use SSL for my authentication but I don't have any knowledge about it.Where Can I find a useful document or example. Thankx Hooman Ahmadi Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: ssl + tomcat: use apache+mod_ssl, then connect that to tomcat
Thanks for the reply But how to connect that with tomcat? Thanks again From: Andy Purshottam [EMAIL PROTECTED] To: "'[EMAIL PROTECTED]'" [EMAIL PROTECTED] Subject: ssl + tomcat: use apache+mod_ssl, then connect that to tomcat Date: Thu, 17 Aug 2000 15:28:40 -0700 __ Do You Yahoo!? Send instant messages get email alerts with Yahoo! Messenger. http://im.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Fw: Your post has been returned (Apache, tomcat, and SSL [Urgent])
- Original Message - From: "L-Soft List Server" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, August 18, 2000 9:25 AM Subject: Your post has been returned (Apache, tomcat, and SSL [Urgent]) IMPORTANT MAILING LIST POLICY - Sun maintains this service solely for the benefit and convenience of its developers, customers and partners. In order to help reduce the possibility that Sun hosted mailing list participants do not receive attachments that may contain viral or other harrassing code or properties, it is Sun's policy that emails sent to this mailing list should not contain any attachment whatsoever. In order to help ensure compliance with this policy and protect participants against uninvited intrusions, Sun will undertake to screen for and block delivery of all emails to this mailing list containing any attachment. Nonetheless, protection against uninvited intrusions is everyone's responsibility. Do not attempt to send emails with attachments to this list. Should you receive an email from this list that contains an attachment, do not open the attachment unless you are confident that its contents are benign. If your email is blocked through this process, you may remove the attachment and resend. Alternatively, emails containing attachments may be sent directly to willing recipients. We apologize for any inconvenience that this necessary policy may cause to you. -- Your post --- From owner-jsp-interest Fri Aug 18 07:25:06 2000 Received: from pokey.itsc.uah.edu (itsc.uah.edu [146.229.2.44]) by mail.java.sun.com (8.10.0.Beta13+Sun/8.10.0.Beta13) with ESMTP id e7IEP5J17311 for [EMAIL PROTECTED]; Fri, 18 Aug 2000 07:25:05 -0700 (PDT) Received: from ruby (ruby.itsc.uah.edu [146.229.2.53]) by pokey.itsc.uah.edu (8.9.3/8.8.7) with SMTP id JAA19168 for [EMAIL PROTECTED]; Fri, 18 Aug 2000 09:23:15 -0500 Message-ID: 00f601c00920$28d0f440$[EMAIL PROTECTED] From: "Mohammad Alshayeb" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Apache, tomcat, and SSL [Urgent] Date: Fri, 18 Aug 2000 09:25:29 -0500 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="=_NextPart_000_00F3_01C008F6.3FF4D1C0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 This is a multi-part message in MIME format. --=_NextPart_000_00F3_01C008F6.3FF4D1C0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi all, What do I need to download, install, and configure in order to get my = =3D apache-tomcat web server use SSL? Is there any documentation about that? Please help. --=_NextPart_000_00F3_01C008F6.3FF4D1C0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" HTMLHEAD META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1" META content=3D"MSHTML 5.50.4134.600" name=3DGENERATOR STYLE/STYLE /HEAD BODY bgColor=3D#ff DIVHi all,BRWhat do I need to download, install, and configure in = order to=20 get my =3DBRapache-tomcat web server use SSL?BRIs there any = documentation=20 about that?BRPlease help./DIV/BODY/HTML --=_NextPart_000_00F3_01C008F6.3FF4D1C0-- === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL+tomcat
Hi every one, How can I use SSL with tomcat? What should I install?How should I configure it? Should I install "apache with SSL"? Please help Thanks in advance... Mike, --- If you fail to plan.. You are planning to fail. __ Do You Yahoo!? Send instant messages get email alerts with Yahoo! Messenger. http://im.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
How to create SSL
How to create SSL? Does apache support SSL? How to use it in my web page. All what I want to do is get a username and password and check them on the server. I have levels of authority so I want also to know the level of authority and return the result via secure port. Would you please help. Thanks. __ Do You Yahoo!? Kick off your party with Yahoo! Invites. http://invites.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL Resin ???
Hi, Can anybody tell me what is SSL Server and what is Resin 1.1? URGENT Regards, Sujoy === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: SSL Resin ???
Resin is a Servlet/JSP server extention; a pice of software that can work with a web server and extend its capabilities in order to suppot JSP's and Servlets. SSL Stands for Secure Socket Layer (if I remember well) and is a secure protocol defined to comunicate private data over the internet. A SSL server just support that comunication protocol. mauro -Original Message- From: A mailing list about Java Server Pages specification and reference [mailto:[EMAIL PROTECTED]]On Behalf Of Sujoy Kumar Bose Sent: 22 May 2000 13:37 To: [EMAIL PROTECTED] Subject: SSL Resin ??? Importance: High Hi, Can anybody tell me what is SSL Server and what is Resin 1.1? URGENT Regards, Sujoy == = To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
JSP Engine having JSP1.1 Support SSL configuration with JSP
Hi, I would like to know any JSP Engine giving support for JSP 1.1 and servlets 2.2 other than Resin 1.1 which gives support both of them. If you know one please let me know fast. Also I would like to know how to configure SSL in a site build in JSP. Currently we are facing problem in implementing SSL with Resin 1.1 Our current setup is MS IIS 4.0 Please Reply Fast. Thanking in Advance. Vivek Ojha __ Do You Yahoo!? Send instant messages get email alerts with Yahoo! Messenger. http://im.yahoo.com/ === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: JSP Engine having JSP1.1 Support SSL configuration with JSP
ServletExec 3.0 supports Servlet API 2.2 and JSP 1.1: http://www.servletexec.com/ Just install ServletExec on your SSL server--it requires no additional configuration. The web server takes can of the SSL protocol. Vince Bonfanti Unify Corporation -Original Message- From: A mailing list about Java Server Pages specification and reference [mailto:[EMAIL PROTECTED]]On Behalf Of Vivek Ojha Sent: Saturday, May 20, 2000 7:25 AM To: [EMAIL PROTECTED] Subject: JSP Engine having JSP1.1 Support SSL configuration with JSP Hi, I would like to know any JSP Engine giving support for JSP 1.1 and servlets 2.2 other than Resin 1.1 which gives support both of them. If you know one please let me know fast. Also I would like to know how to configure SSL in a site build in JSP. Currently we are facing problem in implementing SSL with Resin 1.1 Our current setup is MS IIS 4.0 Please Reply Fast. Thanking in Advance. Vivek Ojha === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL and user identification
How can I get user informations from jsp when I use SSL with client authentication? E.g. if I use OAS with SSL requiring client authentication via certificate request, how can I know in my jsp script which is user connected to my page? Thank's in advance Mauro === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: JSP and SSL: Question??
--- Prasad Keskar [EMAIL PROTECTED] wrote: But how do u have pages running via the SSL? Do I have do some setting on the server side or on the pages so that my transactions are secure. PlZ let me know ASAP. All Browsers are SSL capable already. All that needs to be done is enable SSL on they Web Server. You'd have to consult the docs for your particular Web Server on how to do this exactly. Once that is done any time a Browser connects to the SSL port on your server the pages sent page and forth, be they html or generated pages, will be encrypted. -- Original Message -- From: Alex Cachia [EMAIL PROTECTED] Reply-To: Alex Cachia [EMAIL PROTECTED] Date: Fri, 24 Mar 2000 13:35:01 -0800 --- "Bragg, James" [EMAIL PROTECTED] wrote: Does anyone have an opinion on the best to incorporate SSL with JSP. I'm leaving it up to the Browser and the Web Server to negotiate the SSL channel. Anything you send over that channel the world will not be able to see. Also is it possible to utilize SSL without having a Login Screen. SSL provides you with the Encryption. If this satisfies your requirement then you do not need a Login Screen. However, if you require your users to be Authenticated then you'll have to provide some sort of credential challenge, typically through Form Based Login Screen. Sorry, just starting out with JSP and SSL... thanks.. - James C. Bragg Senior Software Consultant Computer Associates International Inc === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets __ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets __ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: JSP and SSL: Question??
Hi, You seem to have several questions roled into one. What exactly are you trying to do? If you simply want to protect information sent from a web browser to your servlet/JSP, run your servlet engine from a SSL enabled Web server. You also seem to be confused as to exactly what SSL is. SSL only encrypts the traffic between the server and the client. Part of the negotiation of a SSL session is that the server MUST identify itself (via a X.509 aka digital certificate). A client MAY authenticate itself to a server (also via certificate, more on this later). Typically you protect Web sites using either HTTP BASIC authentication (e.g. the browser pops open a box asking for a userid and password) OR via some sort of system that requires the user to enter their userid and password via a form. Unless the server is running SSL, this information is sent over the network in the clear. One common use of SSL is to protect id and passwords from being transmitted in the clear. You can improve your authentication scheme by the use of client certificates. SSL uses public key encryption (where the encryption/decryption is accomplished using 2 keys. A private key which is only known by the holder, and a public key that can be shared. If something is encrypted with the private key, it can only be decrypted by its public key. If something is encrypted by its public key, it can only be decrypted by its private key). A digitial certificate is simply a public key with some extra information (in particular the key is signed by a trusted 3rd party who has verified the owner of the key to be whom they say they are) to help identify that it is indeed the public key of the holder. ). Under SSL you can request a client's certificate. If you can verifiy the certificate (at minimum by verifiying that it was issued by a trusted third party or you can verify its contents by comparing it to a public key stored in a directory service like LDAP) then the user is authenticated. Finally one possible outcome of your question is "how do I use SSL for my application (eg. I need to connect to email server securely for a web based mail reader)?". In which case you need to use JSSE or some other similar SSL API for Java. If that's not clear, let me know. I'll try to help. Mark On 24 Mar 00, at 12:30, Bragg, James wrote: Does anyone have an opinion on the best to incorporate SSL with JSP. Also is it possible to utilize SSL without having a Logon Screen. Sorry, just starting out with JSP and SSL... thanks.. - James C. Bragg Senior Software Consultant Computer Associates International Inc === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
JSP and SSL: Question??
Does anyone have an opinion on the best to incorporate SSL with JSP. Also is it possible to utilize SSL without having a Logon Screen. Sorry, just starting out with JSP and SSL... thanks.. - James C. Bragg Senior Software Consultant Computer Associates International Inc === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: JSP and SSL: Question??
--- "Bragg, James" [EMAIL PROTECTED] wrote: Does anyone have an opinion on the best to incorporate SSL with JSP. I'm leaving it up to the Browser and the Web Server to negotiate the SSL channel. Anything you send over that channel the world will not be able to see. Also is it possible to utilize SSL without having a Login Screen. SSL provides you with the Encryption. If this satisfies your requirement then you do not need a Login Screen. However, if you require your users to be Authenticated then you'll have to provide some sort of credential challenge, typically through Form Based Login Screen. Sorry, just starting out with JSP and SSL... thanks.. - James C. Bragg Senior Software Consultant Computer Associates International Inc === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets __ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Re: JSP and SSL: Question??
But how do u have pages running via the SSL? Do I have do some setting on the server side or on the pages so that my transactions are secure. PlZ let me know ASAP. -- Original Message -- From: Alex Cachia [EMAIL PROTECTED] Reply-To: Alex Cachia [EMAIL PROTECTED] Date: Fri, 24 Mar 2000 13:35:01 -0800 --- "Bragg, James" [EMAIL PROTECTED] wrote: Does anyone have an opinion on the best to incorporate SSL with JSP. I'm leaving it up to the Browser and the Web Server to negotiate the SSL channel. Anything you send over that channel the world will not be able to see. Also is it possible to utilize SSL without having a Login Screen. SSL provides you with the Encryption. If this satisfies your requirement then you do not need a Login Screen. However, if you require your users to be Authenticated then you'll have to provide some sort of credential challenge, typically through Form Based Login Screen. Sorry, just starting out with JSP and SSL... thanks.. - James C. Bragg Senior Software Consultant Computer Associates International Inc === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets __ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
Apache with SSL
I know there is a mod_ssl for Apache. If I use it, can my web server be both regular one and secure one? I set it up in WinNT, is mod_ssl available for NT? whenever I tried to download the latest mod_ssl 2.6.2, my winzip cannot open it. Do I really need go to UNIX to untar this thing? If the answer is yes, is this model compatible with NT? Also, I tried to build a commercial web site in US, can I use it? Thanks any advice in advance! -David === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". Some relevant FAQs on JSP/Servlets can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
SSL Programming
hi guys, I want to make some of my page accessible using SSL ? how can i do this ??? is there any docs pertaining to this ?? Any help on link would be appreciated. Thanks. Sanjay -- Tough Time Never Lasts, but Tough People Do !! - Dr. Robert Schuller __ NetZero - Defenders of the Free World Get your FREE Internet Access and Email at http://www.netzero.net/download/index.html === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
Re: SSL
What web server are you using? - Original Message - From: Phil Swenson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, February 01, 2000 7:46 AM Subject: SSL What do people reccommend for SSL (ie posint to a credit card system at a bank for credit card auth) on a web site? Sun has a reference implementation of SSL - I guess it's the same thing you get when you buy J2EE, right? Of course I can't find any info on J2EE pricing on Sun's site. RSA wants some ungodly amount of money (30K + revenue sharing). Or I can get an ActiveX control for $200 and use JIntegra to call it. What other options do I have? Thanks, Phil === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
Re: SSL
- Original Message - From: Richard Vowles [EMAIL PROTECTED] To: Phil Swenson [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, February 01, 2000 12:59 AM Subject: Re: SSL What web server are you using? - Original Message - From: Phil Swenson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, February 01, 2000 7:46 AM Subject: SSL What do people reccommend for SSL (ie posint to a credit card system at a bank for credit card auth) on a web site? Sun has a reference implementation of SSL - I guess it's the same thing you get when you buy J2EE, right? Of course I can't find any info on J2EE pricing on Sun's site. RSA wants some ungodly amount of money (30K + revenue sharing). Or I can get an ActiveX control for $200 and use JIntegra to call it. What other options do I have? Thanks, Phil === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
Re: SSL
Not sure if you answered there or not, but on re-reading your message, you seem to have a few fundamental misassumptions. SSL is a capability for a web server, most web servers available in the US have this capability built in, Apache does not. J2EE is not something you can "buy" from Sun, it is a specification that people comply to, but Sun do have a series of products - currently being renamed iPlanet, was JWS, Netscape Application Server NetDynamics (steer clear of NetDramatics) and amalgamated. Other organisations have implementations as well (Inprise, BEA, IBM (ish), Oracle and so forth). Using an ActiveX and JIntegra won't solve your problems as SSL is something that needs to be built into the server really. So the important question is what web server do you have or want to use? If you don't have any particular choice, do you have a particular platform that you want to use? MS? Linux? Solaris? etc. Apache is a good free solution which, with a little bit of work (very little on *nix, but a whole lot of MSDOS) will provide a free implementation of SSL (I am using this at home on my Linux box at the moment). The Apache SSL project is located at www.apache-ssl.org. Richard - Original Message - From: Phil Swenson [EMAIL PROTECTED] To: Richard Vowles [EMAIL PROTECTED]; JSP Mailing List [EMAIL PROTECTED] Sent: Wednesday, February 02, 2000 6:33 AM Subject: Re: SSL - Original Message - From: Richard Vowles [EMAIL PROTECTED] To: Phil Swenson [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, February 01, 2000 12:59 AM Subject: Re: SSL What web server are you using? - Original Message - From: Phil Swenson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, February 01, 2000 7:46 AM Subject: SSL What do people reccommend for SSL (ie posint to a credit card system at a bank for credit card auth) on a web site? Sun has a reference implementation of SSL - I guess it's the same thing you get when you buy J2EE, right? Of course I can't find any info on J2EE pricing on Sun's site. RSA wants some ungodly amount of money (30K + revenue sharing). Or I can get an ActiveX control for $200 and use JIntegra to call it. What other options do I have? Thanks, Phil === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
Re: SSL
Sorry, there was a typo in my original msg so it may have been a bit unclear... I want to do an HTTPS POST to the bank's credit card server. I don't think my web server (IIS) does anything for me on this... We can use the web server's SSL capibility to take the order, but we also have to authorize the CC transaction/post the transaction with the bank Thanks... Phil === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
SSL
What do people reccommend for SSL (ie posint to a credit card system at a bank for credit card auth) on a web site? Sun has a reference implementation of SSL - I guess it's the same thing you get when you buy J2EE, right? Of course I can't find any info on J2EE pricing on Sun's site. RSA wants some ungodly amount of money (30K + revenue sharing). Or I can get an ActiveX control for $200 and use JIntegra to call it. What other options do I have? Thanks, Phil === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
Re: SSL
You can also try SSLava from Phaos Technologies www.phaos.com for an SSL library. If you are specifically trying to do credit card authorization/processing, you should look at using software or a service from VeriFone, CyberSource, or CyberCash. If you go w/ a service, they will charge a fee per transaction. I don't think you will have much success writing the software yourself to go straight to the bank b/c you will have to get the protocol from the bank and get your software certified w/ the bank. -Richard [EMAIL PROTECTED] -Original Message- From: Phil Swenson [mailto:[EMAIL PROTECTED]] Sent: Monday, January 31, 2000 10:47 AM To: [EMAIL PROTECTED] Subject: SSL What do people reccommend for SSL (ie posint to a credit card system at a bank for credit card auth) on a web site? Sun has a reference implementation of SSL - I guess it's the same thing you get when you buy J2EE, right? Of course I can't find any info on J2EE pricing on Sun's site. RSA wants some ungodly amount of money (30K + revenue sharing). Or I can get an ActiveX control for $200 and use JIntegra to call it. What other options do I have? Thanks, Phil === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
JSP + Apache +OpenSa(SSL)
Hi All, My application is on GNUJSP/Apache 1.3.9 amd I am using OpenSa 0.10(for Apache_SSL) for windows to implement SSL on my webserver. While accessing I am getting a problem from my SSL site using https protocol. I am getting following error message "The Certificate is not approved for the attempted application". Please note that we are using the dummy certificate available with opensa for testing. Can any one have any idea? Thanks in Advance. Regards, Jai
Secure passwords SSL + J2EE
Hi, I was recently lamenting the USA's export law which was stopping me from downloading J2EE as it contained encryption products, in particular an SSL API. Well I just heard on the SERVLET-INTEREST list that Sun have got the export license and we can all get it now. Hooray! Karl === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
Re: SSL
Hi! If you want to use SSL first of all you must have a server's certificate. Then every reference to that page or inside your html page must be with https instead of http. My experience in SSL is with NT. With IIS on NT you can create a certificate by yourself or ask to a Certification Autority to have one (paying something), then you have to create from the Key Manager (in IIS) a file of the keys (public and private) and then you must connect the certificate to the keys. At this point your server has the certificate a file with the .cer extension and every link in the page with https will pass through the 443 port and will be protected. Hope this help Elena Miguel Curi wrote: Anyone knows if there anything different that an html file has to include so that it can be used with ssl? Miguel Curi 8795 Paulden Ct. Lewis Center, OH 43035 (614) 436-4159 [EMAIL PROTECTED] === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html begin:vcard n:Palanca;Elena tel;work:Dipartimento di Informatica di Pisa x-mozilla-html:FALSE adr:;; version:2.1 email;internet:[EMAIL PROTECTED] fn:Dott. Elena Palanca end:vcard
SSL
Anyone knows if there anything different that an html file has to include so that it can be used with ssl? Miguel Curi 8795 Paulden Ct. Lewis Center, OH 43035 (614) 436-4159 [EMAIL PROTECTED] === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
SSL vs Non-SSL
Has anyone come up with a good solution to the SSL vs the Non-SSL problem. Back when we were using pure servlets, we could access a servlet in either one of two ways: * http://host/servlet/MyServlet * https://host/servlet/MyServlet In other words, the same servlet could be used either in secure or non-secure mode. Now that we are migrating to JSP pages, this no longer works: * http://host/public/MyJspPage.jsp * https://host/secure/MyJspPage.jsp Because we have separated our public tree from our secure tree, we now need to deploy the same file to two places (our production environment is NT so using soft links is not an option), which is less than ideal. One solution is to merge our public and secure trees, but this is not desirable because with some web servers (JWS) only secure pages can be used with client-side-digital-certificates (and furthermore, *all* secure pages must be used with client-side-digital-certificates). Since we want users that do not have client-side-digital-certificates to access some of our pages, we have divided them into pubic and secure. Furthermore, we have applets which are sometimes run from public pages and sometimes run from secure pages. Meaning that we need jar files and class trees on the public side and copies of these on the secure side (not to mention yet other class trees for servlets and beans). And we want to avoid the annoying message: "Some of the components on this page are secure and some are non-secure. Do you want to continue?" Most of our end users would have no idea what to do with that message. Although we have a working production environment, it is not pretty. I was just wondering if anyone else has similar requirements and how they sorted this all out. Chris === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". FAQs on JSP can be found at: http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.html
SSL JSP-Servlet
Hi, I need to implement securty issues in my application using Servlet and Jsp. I'm under WINNT 4.0 with IIS 4.0 and I'm using JRun. My problem is: Till I call servlets (through the Jrun Connector, JCP ) with https:/localhost/nameservlet everything works fine, but how can I use in this contex JSP1.0 pages without using the JRun Web Server (default port 8000).Infact my aim is to use IIS web server for JSP1.0 pages using only the Jrun Servlet Engine (JSE). First of all is this possible? and if so which are the steps to follow to configure such environment? Grazie Elena begin:vcard n:Palanca;Elena tel;work:Dipartimento di Informatica di Pisa x-mozilla-html:FALSE adr:;; version:2.1 email;internet:[EMAIL PROTECTED] fn:Dott. Elena Palanca end:vcard
SSL JSP-Servlet
Thank you Oliver, I followed you procedure but I can't visualize JSP page. First I put the jsp page in the c:\inetpub\wwrooot and this doesn't work, then I try to put it under c:\Jrun\servlets and this doesn't work too. Where I have to put it? And how IIS knows that a .jsp request must go to the jse? What I doing wrong? Thanks Elena begin:vcard n:Palanca;Elena tel;work:Dipartimento di Informatica di Pisa x-mozilla-html:FALSE adr:;; version:2.1 email;internet:[EMAIL PROTECTED] fn:Dott. Elena Palanca end:vcard