Securing applications at transport level

Authentication and authorization are only one aspect of security. Any application that communicates with its customers through a clear text channel is potentially unsafe. For example, it's possible not only to capture a session cookie by reading the HTTP header, but also to change a financial transaction by hacking the application context.

In the following sections, we will describe how to secure an application at transport level, starting from the HTTP protocol and then moving to the RMI transport layer.

Running the AppStore with HTTPS

Your AppStore application communicates with its client through the clear text HTTP protocol. In order to take advantage of secure connections, you have to configure your ...

Get JBoss AS 5 Development now with the O’Reilly learning platform.
