How to secure only some of the pages from the whole web application under glassfish V3 ?
A:
In your web.xml:
<security-constraint>
<display-name>Security Settings</display-name>
<web-resource-collection>
<web-resource-name>SSL Pages</web-resource-name>
<description/>
<url-pattern>/*.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<description>CONFIDENTIAL requires SSL</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
change the url-pattern to whatever you need.
Justin
2010-05-04 07:01:21
i want , when server serve secure.html page ,i want protocol to be automatically 'https' from http i have configured glassfish for https and also added above configuration in web.xml but it retrieves the page in http only.
java beginner
2010-05-04 08:45:40
also using HTTP user should not be able to access that secured page
java beginner
2010-05-04 10:00:26
my SSL port is 8181plain port is 8080added redirect port=8181 in http-listener1still not redirecting to HTTPS
java beginner
2010-05-04 12:51:59
Thanks a lot Justin.
java beginner
2010-05-06 04:59:57
We need to add a filter further in configuration.http://blogs.sun.com/jluehe/entry/how_to_downshift_from_https but only one hazard is there.i am using it with richFaces. once it goes to HTTPS its not changing the page i mean if i perform post action it doesnt actually happens. but if i do it from the local bmachine's browser it works perfectly from remote browser it stucks with HTTPS its not changing after that
java beginner
2010-05-06 13:23:22
A:
We need to add a filter further in configuration.
check it here
java beginner
2010-05-05 07:55:58