security 1

[yama]

Hi, I am currently doing a website using JSP. does anyone know how to implement security in pages when sending data?
something like when you are sending data over the internet, a lock icon appear at the status bar and they ask,"You are sending data over a secure website....
anyone?

Thanks

 

[wushutwist]

You have to implement SSL on the Web Server and then place your jsp pages in the SSL html document root. The code for your pages remains the same, the only that will change are the links. You must use

[URL unfurl="true"]https://address[/URL]

instead of

[URL unfurl="true"]http://address[/URL]

. Details for implementation of SSL differ per Server. Consult the documentation for your Web Server. Wushutwist

 

[yama]

hi.
but how do you implement SSL in the webserver?

 

[wushutwist]

What Web Server are you using? Wushutwist

 

[yama]

hmm..currently I am using tomcat v3.1

 

[wushutwist]

First off I suggest you upgrade your Tomcat. Tomcat 3.1 is considered legacy and is no longer actively supported. Secondly, here is a link from Tomcat's website detailing how to setup SSL on Tomcat 3.2

http://jakarta.apache.org/tomcat/tomcat-3.2-doc/tomcat-ssl-howto.html

. You will probably want to take a look at Direct SSL unless you are using Apache (or another Web Server) in conjunction with Tomcat. It is very straight-forward, you shouldn't have much trouble. Wushutwist

 

[fabriciovale]

I have followed these steps (described at apache's site) to implement ssl directily on tomcat and I've got no error messages.
The problem is that I dont know where to put my secure pages. Do I need to edit 'server.xml' file to do so?
Thanks

-fabricio