How to encrypt login page

Hello

I have a super simple requirement to change some web applications so that user login passwords are passed encrypted from browser to web server. These web apps are running under SJSAS 8.1 Enterprise Edition, they all use form based login.

I have been reading the article at:

http://java.sun.com/developer/technicalArticles/WebServices/appserv8-1.html

it gives good info on managing digital certificates, however when it comes to configuring a web application it talks only about use of both a certificate at the server and another at the client.

I do not want to get embroiled in client certificates, I just want a certificate at the server.

Can anyone point me at some good info for configuring SJSAS and the web applications ?

Thanks

[789 byte] By [voka] at [2007-11-26 19:58:13]

«« Separate libstdc++.so.6 runtime?
»» Cursor positioning in a JTextArea

# 1

Would <transport-guarantee>CONFIDENTIAL</transport-guarantee> in your applications's web.xml satisfy this requirement ?

<transport-guarantee> tag has two legal values, INTEGRAL and CONFIDENTIAL. The former requires that the data is guaranteed not to change in transit and the later requires that the data be guaranteed not to have been read by an unauthorized third party in transit. A CONFIDENTIAL guarantee implies INTEGRAL.

Also check out section 9.2.2.1.2 in

http://java.sun.com/blueprints/guidelines/designing_enterprise_applications_2e/ security/security3.html

Cheers,

Vasanth

vasanth_foruma at 2007-7-9 22:53:44 >

Application & Integration Servers

Application Servers

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

How to encrypt login page

Application & Integration Servers New Topic

Application & Integration Servers Hot Topic

Application & Integration Servers

All Classified