You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tapestry.apache.org by Boris Horvat <ho...@gmail.com> on 2015/04/18 01:35:17 UTC

SSL/TSL for the tapestry tynamo rest

Does anyone have any idea where to start with this?

I have enabled the rest using tynamo resteasy so now I am wondering do I
need to do anything special in the application to make it SSL/TSL protected?

Is it as simple as enabling the SSL/TSL on the host and mapping the web.xml
to the rest pattern?

Could tynamo-federatedaccounts help with this?

Do I need to use tapestry @Secure annotation?

(I do understand that those are pretty vague question but still hoping for
answer before I just run my head against the wall and see what happens)

Thanks
Boris

Re: SSL/TSL for the tapestry tynamo rest

Posted by Kalle Korhonen <ka...@gmail.com>.

I'm not sure what you mean by "mapping the web.xml to the rest pattern" but
the easiest scenario is if you want to make your application only TLS
accessible. If your TLS endpoint is application container (Tomcat, Jetty,
etc..) then you just need edit the server configuration files and point it
to your certificate (not the web.xml), for Tomcat see
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration. If
you have a http proxy in front (such as Apache Httpd, Nginx) then you need
to do the same configuration there and also let your application container
know that you want to return https urls even if your container sees only
incoming http requests (for Tomcat, you edit the context configuration
files). Tapestry, tynamo-resteasy or tynamo-federatedaccounts barely enter
the picture here. @Secure is only needed if you have a mixed http/https
application (see https://tapestry.apache.org/https.html).

Kalle

On Fri, Apr 17, 2015 at 4:35 PM, Boris Horvat <ho...@gmail.com>
wrote:

> Does anyone have any idea where to start with this?
>
> I have enabled the rest using tynamo resteasy so now I am wondering do I
> need to do anything special in the application to make it SSL/TSL
> protected?
>
> Is it as simple as enabling the SSL/TSL on the host and mapping the web.xml
> to the rest pattern?
>
> Could tynamo-federatedaccounts help with this?
>
> Do I need to use tapestry @Secure annotation?
>
> (I do understand that those are pretty vague question but still hoping for
> answer before I just run my head against the wall and see what happens)
>
> Thanks
> Boris
>