
Java Forum / General / January 2006


how to make a secured application

gk - 11 Jan 2006 06:49 GMT
How to make a secured application ?

i have a login.jsp which accepts userid,password and goes to the DB,
verify it and puts a welcome page.

I want to make this application secured.

i have deployed it in tomcat.

in order to make this application secured what are the steps to be
followed ?

i have this :

login.jsp==>uid,pass==>goes to servlet===> goes to
DB===>verify===>success/failure==>welcome/login again.

Question :  what are the changes i have to make to make this
application secured ?

Question :  do i have to change any configuration in the tomcat ?
Chris Smith - 11 Jan 2006 16:18 GMT
> How to make a secured application ?
>
> i have a login.jsp which accepts userid,password and goes to the DB,
> verify it and puts a welcome page.
>
> I want to make this application secured.

Please define what you mean by "secured".  Do you mean that you want to
place it behind SSL/HTTPS?

Signature

www.designacourse.com
The Easiest Way To Train Anyone... Anywhere.

Chris Smith - Lead Software Developer/Technical Trainer
MindIQ Corporation

Oliver Wong - 11 Jan 2006 17:21 GMT
>> How to make a secured application ?
>>
[quoted text clipped - 5 lines]
> Please define what you mean by "secured".  Do you mean that you want to
> place it behind SSL/HTTPS?

   Didn't see the original post, but assuming the OP just wants some
general guidelines on making his/her webapp secure...

   I read somewhere that the number one most common vulnerability of web
applications is SQL query injection. If you don't know what that term means,
you should probably look it up, and check that your app is not vulnerable.

   - Oliver
gk - 13 Jan 2006 02:19 GMT
>Please define what you mean by "secured".  Do you mean that you want to
>place it behind SSL/HTTPS?

Yes.....absolutely correct. i want it behind SSL/HTTPS.

i am not worried about SQL injection or other kind of vulnerability. i
can defend those.

but my concern is , how could i place my application behind SSL/HTTPS.

right now, login page  calls a servlet and the servlet forwards a
welcome page upon verification on the DB side.

in this architecture,  what changes i have to do, so that my application
is placed behind SSL/HTTPS ?

thank you
Dag Sunde - 13 Jan 2006 02:57 GMT
> >Please define what you mean by "secured".  Do you mean that you want to
>>place it behind SSL/HTTPS?
[quoted text clipped - 11 lines]
> in this architecture,  what changes i have to do, so that my application
> is placed behind SSL/HTTPS ?

A web-app/servlets?

You don't need to change anything in your code at all!

That is a question of setting up and configuring your
web server/servlet container ty use ssl...

Signature

Dag.

gk - 13 Jan 2006 06:25 GMT
> A web-app/servlets?

yes....its a JSP+ servlet application.

> You don't need to change anything in your code at all!
>
> That is a question of setting up and configuring your
> web server/servlet container ty use ssl...

what ? try use with what ?

1) is it possible in Tomcat ?

Do you use yahoo mail....you might see, when you log in....the url in
the address bar  changes to   https://.....that means they have made
their site behind a SSL.

How they do it ? who is responsible for this ?

what code i should add in my program ?

what changes i have to do in the servlet container (in TOMCAT)

will you please  answer  these questions ?

thank you
Dag Sunde - 13 Jan 2006 08:29 GMT
>> A web-app/servlets?
>
[quoted text clipped - 6 lines]
>
> what ? try use with what ?

not try, but to...

If you run tomcat behind Apache, it is enough to configure
Apache to use SSL. If you use Tomcat standalone, you must
configure Tomcat to use ssl.

> 1) is it possible in Tomcat ?
>
[quoted text clipped - 3 lines]
>
> How they do it ? who is responsible for this ?

The webserver

> what code i should add in my program ?

Nothing

> what changes i have to do in the servlet container (in TOMCAT)

Open your TomCat documentation, and click on the link called
"ssl-howto". On my computer, it is here:
   C:\Tomcat.4.1\webapps\tomcat-docs\ssl-howto.html
Juha Laiho - 11 Jan 2006 19:57 GMT
"gk" <srcjnu@gmail.com> said:
>How to make a secured application ?

As others have countered, please define "secured".

>i have a login.jsp which accepts userid,password and goes to the DB,
>verify it and puts a welcome page.
>
>I want to make this application secured.

... perhaps meaning that the other pages are not accessible
for nonauthenticated users?

If so, please read the documents
- http://tomcat.apache.org/tomcat-4.1-doc/realm-howto.html
- chapter SRV.12 (Security) in Java servlet specification, available from
 http://www.jcp.org/aboutJava/communityprocess/final/jsr053/
... and use what the servlet environment provides, instead of rolling
your own.
Signature

Wolf  a.k.a.  Juha Laiho     Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
        PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)


