facebook
  1. MyEclipse IDE
    2.  > 
  2. Java EE Development (EJB, JSP, Struts, XDoclet, etc.)

Struts, SSL and Tomcat

  1. MyEclipse IDE
    2.  > 
  2. Java EE Development (EJB, JSP, Struts, XDoclet, etc.)
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • January 25, 2005 at 6:06 am #223416 Reply

    npearce
    Member

    Looking for guidance on how to mix http and https in my struts app uing tomcat.

    I have already configured tomcat to listen on 8443 for sll connections but now need my app to support SLL on certain pages. Is is a web.xml thing?

    Any help welcomed.

    Cheers

    Nick

    January 25, 2005 at 7:46 am #223418 Reply

    Robert Varga
    Participant

    @npearce wrote:

    Looking for guidance on how to mix http and https in my struts app uing tomcat.

    I have already configured tomcat to listen on 8443 for sll connections but now need my app to support SLL on certain pages. Is is a web.xml thing?

    Any help welcomed.

    Cheers

    Nick

    I seem to remember seeing the necessary stuff for this on the Struts webpage (struts.apache.org) in the FAQ.

    Regards,

    Robert Varag

    January 25, 2005 at 7:46 am #223419 Reply

    Robert Varga
    Participant

    @npearce wrote:

    Looking for guidance on how to mix http and https in my struts app uing tomcat.

    I have already configured tomcat to listen on 8443 for sll connections but now need my app to support SLL on certain pages. Is is a web.xml thing?

    Any help welcomed.

    Cheers

    Nick

    I seem to remember seeing the necessary stuff for this on the Struts webpage (struts.apache.org) in the FAQ.

    Regards,

    Robert Varga

    January 25, 2005 at 7:46 am #223420 Reply

    Robert Varga
    Participant

    grrr…. misspelling my own name… 🙂

    January 25, 2005 at 8:49 am #223421 Reply

    npearce
    Member

    Thanks for that but at the mo I can’t find anything 2 useful on the apache site…

    I have added the following to web.xml but I do not get redirected to https.

    <security-constraint>
    <web-resource-collection>
    <web-resource-name>exampleProj</web-resource-name>
    <url-pattern>/form/login.jsp</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
    <role-name>user</role-name>
    </auth-constraint>
    <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    </security-constraint>

    – exampleProj is the name of the struts app
    – /form/login.jsp is the path to the login screen that I wish to be secure
    – my tomcat install is setup on port 8443 for ssl

    January 25, 2005 at 7:24 pm #223492 Reply

    Antonio W. Lagnada
    Member

    Hi There,

    The url-pattern element takes a pattern not a specific page.

    place your “secure” jsp files under /form/secure/ (just a suggestion)

    I would try the following:

    <url-pattern>/form/secure/*.jsp</url-pattern>

    OR

    <url-pattern>/form/secure/*</url-pattern>

    It should redirect to SSL.

    Now that we are on this subject, the problem I am having is that after the user logs in I want to go back to a NON-SECURE page.

    Putting the following entry below does not redirect me back to a non https page. Can anyone help???

    <transport-guarantee>NONE</transport-guarantee>
  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
Reply To: Struts, SSL and Tomcat

You must be logged in to post in the forum log in