You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by jfc <jf...@btopenworld.com> on 2002/08/28 15:54:13 UTC
sending login details using SSL
Hi,
Should it be common practice to send login details (username + password)
via SSL? I'll be using form-based authentication and was wondering about
how to beef up the security of transmitting username and password over
http.
I understand there is a transport-guarantee tag for use in web.xml. How
would this generally be achieved ie how would one specify that all
logins - regardless of which resource was requested, should be marked as
CONFIDENTIAL?
Thanks
jfc
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>