OnceI observed that the web server brought me into an SSL channel after my clickinga link on a page which is accessed via a Non-SSL channel.
Iwondered how it did this at that time.
Infact it is so easy to implement this using Java. The only thing you need to setis the transport-guarantee in web.xml.
Below is a sample web.xml.
<!-- This resource can only be accessed by those clientwho can present an trusted client certificate -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Resource protected by clientcert</web-resource-name>
<url-pattern>/ProtectedByClientCert</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>members</role-name>
</auth-constraint>
<!-- Here We specify accesses to this resource must beover an SSL channel
The container will automatically use https to access thisresource.
-->
<user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint>
</security-constraint>
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>Client Cert Users-onlyArea</realm-name>
</login-config>
However, you must first enable the secure port of the webcontainer.
In above example you also need to make CLIENT-CERT workfirst.
聯(lián)系客服
