Month: June 2014
-
Spring Security: Forcing URLs to use HTTPS
PROBLEM Your web application supports both HTTP and HTTPS. You want to force all URLs to use HTTPS. SOLUTION Spring Security has a simple configuration that allows us to redirect all HTTP-based URLs to HTTPS. All we have to do is to set requires-channel=”https” on <security:intercept-url/> tag. For example:- With this configuration, when the user… Read More…
-
Java + HTTPS: Unable to Find Valid Certification Path to Requested Target
PROBLEM When trying to invoke HTTPS-based web service (ex: https://server:1234/myapp/web-service), the following exceptions occurred:- SOLUTION I do not want to take any credits away from @mkyong, but this author wrote a great solution to this problem at http://www.mkyong.com/webservices/jax-ws/suncertpathbuilderexception-unable-to-find-valid-certification-path-to-requested-target/ . Kudos to him. The only thing I want to point out here is the link to… Read More…
-
Maven + Jetty: Enabling SSL on Jetty Maven Plugin
PROBLEM In order to run our web application using HTTPS, we need to enable SSL first on Jetty. SOLUTION #1: Generating Certificate on the Fly One clean solution by @PascalThivent is to recreate the certificate whenever Jetty starts. Not to steal any credits from him, but here’s a slightly modified configuration using more recent plugin… Read More…