I'm not sure what you mean by "mapping the web.xml to the rest pattern" but the easiest scenario is if you want to make your application only TLS accessible. If your TLS endpoint is application container (Tomcat, Jetty, etc..) then you just need edit the server configuration files and point it to your certificate (not the web.xml), for Tomcat see http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration. If you have a http proxy in front (such as Apache Httpd, Nginx) then you need to do the same configuration there and also let your application container know that you want to return https urls even if your container sees only incoming http requests (for Tomcat, you edit the context configuration files). Tapestry, tynamo-resteasy or tynamo-federatedaccounts barely enter the picture here. @Secure is only needed if you have a mixed http/https application (see https://tapestry.apache.org/https.html).
Kalle On Fri, Apr 17, 2015 at 4:35 PM, Boris Horvat <horvat.z.bo...@gmail.com> wrote: > Does anyone have any idea where to start with this? > > I have enabled the rest using tynamo resteasy so now I am wondering do I > need to do anything special in the application to make it SSL/TSL > protected? > > Is it as simple as enabling the SSL/TSL on the host and mapping the web.xml > to the rest pattern? > > Could tynamo-federatedaccounts help with this? > > Do I need to use tapestry @Secure annotation? > > (I do understand that those are pretty vague question but still hoping for > answer before I just run my head against the wall and see what happens) > > Thanks > Boris >