Tomcat https setup for webservices

[swetha Ranganathan <sw...@yahoo.co.in>]

Hi All,
 
I am working in a webservice project where the communication between the client and 
the webservice needs to be encrypted.
So I have setup my tomcat to use https by following
tomcat documentation for ssl-howto.html
and for allowing access only via https , addded the security constraint in web.xml.
<security-constraint>
<web-resource-collection>
<web-resource-name></web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
This setup seems to work Using a java client to access the webservice . (i.e) it 
works only when the java.net.ssl.truststore property is set. and it points to the 
keystore containing imported server certificate.
However if I use a SOAPpy(python) client it doesn't seem to need the truststore 
location. It  is able to find the webservice both via http and https.
I would like to know if have missed out anything in my tomcat configuration
Also how would I check if the communication between client and server is encrypted
 
Any help would be appreciated
 
Thanks
Swetha

Yahoo! India Matrimony: Find your life partneronline.