I'm not sure what you mean by mapping the web.xml to the rest pattern but
the easiest scenario is if you want to make your application only TLS
accessible. If your TLS endpoint is application container (Tomcat, Jetty,
etc..) then you just need edit the server configuration files and point it
to your certificate (not the web.xml), for Tomcat see
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration. If
you have a http proxy in front (such as Apache Httpd, Nginx) then you need
to do the same configuration there and also let your application container
know that you want to return https urls even if your container sees only
incoming http requests (for Tomcat, you edit the context configuration
files). Tapestry, tynamo-resteasy or tynamo-federatedaccounts barely enter
the picture here. @Secure is only needed if you have a mixed http/https
application (see https://tapestry.apache.org/https.html).
Kalle
On Fri, Apr 17, 2015 at 4:35 PM, Boris Horvat horvat.z.bo...@gmail.com
wrote:
Does anyone have any idea where to start with this?
I have enabled the rest using tynamo resteasy so now I am wondering do I
need to do anything special in the application to make it SSL/TSL
protected?
Is it as simple as enabling the SSL/TSL on the host and mapping the web.xml
to the rest pattern?
Could tynamo-federatedaccounts help with this?
Do I need to use tapestry @Secure annotation?
(I do understand that those are pretty vague question but still hoping for
answer before I just run my head against the wall and see what happens)
Thanks
Boris
