February 2005
Intermediate to advanced
528 pages
12h 53m
English
Content preview from Jakarta Struts CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
11.11. Configuring Actions to Require SSL
Problem
You want to control if HTTPS is required on a page-by-page basis.
Solution
Use the SSLEXT Struts extension.
Discussion
The Struts SSL Extension (SSLEXT), an open source Struts plug-in,
enables you to indicate if an action requires the secure
(https) protocol. Steve Ditlinger created and
maintains this project (with others), hosted at
http://sslext.sourceforge.net.
SSLEXT enables fine-grained secure protocol control by providing:
The ability to specify in the struts-config.xml file if an
actionshould require a secure protocol. This feature essentially allows your application to switch actions and JSP pages fromhttptohttps.Extensions of the Struts JSP tags that generate URLs that include the
httpsprotocol.
The SSLEXT distribution consists of a plug-in class for
initialization (SecurePlugIn), a custom request
processor (SecureRequestProcessor), and a custom
action mapping class (SecureActionMapping).
Warning
If you have been using custom RequestProcessor or
ActionMapping classes and you want to use SSLEXT,
you will need to change these classes to extend the corresponding
classes provided by SSLEXT.
For JSP pages, SSLEXT provides custom extensions of Struts tags for
generating protocol-specific URLs. A custom JSP allows you to
indicate if a JSP page requires https. SSLEXT depends on the Java Secure Socket Extension (JSSE). JSSE is included with JDK 1.4 or later. If you're using an older JDK, you can download JSSE from Sun's Java site. ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.