O'Reilly logo

JBoss AS 5 Development by Francesco Marchioni

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Securing applications at transport level

Authentication and authorization is only one aspect of security. Any application that communicates through a clear text channel with its customers is potentially unsafe. For example, it's not only possible to capture a session cookie reading the HTTP header, but also possible to change a financial transaction by hacking the application context.

In the following sections, we will describe how to secure an application at transport level, starting from the HTTP protocol and then moving to the RMI transport layer.

Running the AppStore with HTTPS

Your AppStore application communicates with its client through clear text HTTP protocol. In order to take advantage of secure connections, you have to configure your ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required