0 Replies Latest reply on Sep 12, 2005 10:54 AM by Wojciech Ciesielski

    Webapp over SSL - step by step tutorial needed

    Wojciech Ciesielski Newbie

      Hi there - I know this is basics and that's why I ask for simple tutorial instead of tens of pages of JAAS specs... How can I force my webapp to comunicate over SSL? I don't want (at leas at this moment) to use JAAS based authentication - just SSL connection security...

      I've added

      <security-constraint>
       <display-name>general SSL security</display-name>
       <web-resource-collection>
       <web-resource-name>all pages</web-resource-name>
       <url-pattern>/*</url-pattern>
       </web-resource-collection>
       <user-data-constraint>
       <transport-guarantee>CONFIDENTIAL</transport-guarantee>
       </user-data-constraint>
       </security-constraint>

      to my web.xml file and uncommented this in server/default/deploy/tomcat.../server.xml:

      <Connector port="8443" address="${jboss.bind.address}"
       maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
       emptySessionPath="true"
       scheme="https" secure="true" clientAuth="true"
       keystoreFile="${jboss.server.home.dir}/conf/test.keystore"
       keystorePass="opensource" sslProtocol = "TLS" />


      While doing localhost:8080/MyApp I am redirected to https://localhost:8443/MyApp but all of this freezes at this point without any error or warning (even on DEBUG level in JBoss).

      Any assistance?

      TIA