Re: Securing a Java Application
- From: Alex Hunsley <lard@xxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 31 Jan 2007 22:11:42 GMT
Francesco wrote:
Hi all !
I have a Java application that uses JSP for visualizing data and EJB for queries.
Application is secured using HTTPS.
I need to create a Java client that connects to the J2ee application. the client that connects must be secured too.
How can I do it ? using Secure Sockets ? (SSL)
Can I use the same certificates for the Java Application that are used for the web application ?
Thanks
Francesco
Don't reinvent the wheel. The existing Java Http comms classes can already handle the https protocol for you. As for certs - I remember some annoying shenanigans around this... Ideally the cert is only needed at the server end. If your server cert isn't 'official' (signed by verisign et al) I think the client code has to override some security provider setting somewhere in order to function... sorry, can't remember more specifics.
Google around HttpClient or Http and Java...
lex
.
- Follow-Ups:
- Re: Securing a Java Application
- From: Alex Hunsley
- Re: Securing a Java Application
- References:
- Securing a Java Application
- From: Francesco
- Securing a Java Application
- Prev by Date: Re: How can i optimize the web services client access code
- Next by Date: Re: Securing a Java Application
- Previous by thread: Securing a Java Application
- Next by thread: Re: Securing a Java Application
- Index(es):
