Web Clients: Using SSL Security

Using SSL with Web applications requires only a change to the deployment descriptor web.xml. Add a new field to every <security-constraint> entry, which defines security properties for individual Web resources. For example:

<user-data-constraint>
    <transport-guarantee>
      CONFIDENTIAL
    </transport-guarantee>
</user-data-constraint>

The keyword CONFIDENTIAL specifies to WebLogic Server that the SSL protocol needs to be used. There are three options in total:

  • NONE means that the application does not require any transport guarantees.

  • INTEGRAL means that the application requires that the data sent between the client and server be sent in such a way that it can't be changed in transit.

  • CONFIDENTIAL means that the application ...

Get J2EE™ Applications and BEA™ WebLogic Server™ now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.