How do I implement HTTPS protocol for JSP? Or, how do configure SSL in a Web application? My platform is WebLogic...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The Java EE (J2EE) platform defines an XML-based "Web Deployment Descriptor (web.xml)" for specifying configuration features that allows the enforcement of secure communication using HTTP with SSL/TLS protocols for Web components such as Java Server Pages (JSPs) and servlets.
To enable HTTPS communication support in Web components, the "<transport-guarantee>" sub-element of the "<user-data-constraint>" sub-element of a "<security-constraint>" element must be specified as "CONFIDENTIAL" in the Web deployment descriptor. The following XML snippet illustrates the Web deployment descriptor (web.xml) showing the "<transport-guarantee>" sub-element:
. . .
. . .
. . .
. . .
In general, it is the responsibility of the Web application developer/assembler to define the required attributes for a Web application before its deployment to the Java EE application server.
As it is a standard practice, the Web deployment descriptor specified information applies to all Java EE providers such as BEA Systems' WebLogic, IBM's WebSphere, Sun Java System Application Server, JBoss and also its underlying operating systems.
Dig Deeper on Software Security Testing Tools
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.