Announcement Announcement Module
Collapse
No announcement yet.
spring security and https Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • spring security and https

    Hello.

    my web application run on websphere server, in this application, we need to access webservice from outside provider, this webservice require https connection, but i don't want to setup the websphere server, i wonder if spring security can help to this case?

    thanks.

  • #2
    As far as I know, Spring Security can ensure whether or not the call to your application has been done through a secure channel:

    Code:
    <intercept-url pattern="/secure/**" access="ROLE_USER" requires-channel="https"/>
    If you need to access as client to a secure endpoint that belongs to another application, you won't need to configure anything for a standard access (if the certificate has been issued by a well known trusted authority, I mean, Verisign or similar) because WebSphere is a Java EE server that supports JSSE since version 4.0 onward.

    Comment


    • #3
      Thanks, but it seems i need to config that https channel in the websphere, then the spring security component use it, right? but i wonder if i can config https channel directly by using the spring security configuration file, without touching the websphere.

      Comment

      Working...
      X