8 messages in net.java.dev.glassfish.adminRe: Mysterious listener security| From | Sent On | Attachments |
|---|---|---|
| Valtteri Kokkoniemi | Mar 25, 2009 9:51 am | |
| Kedar Mhaswade | Mar 25, 2009 10:02 am | |
| Valtteri Kokkoniemi | Mar 25, 2009 10:16 am | |
| Kedar Mhaswade | Mar 25, 2009 10:42 am | |
| Kim Haase | Mar 25, 2009 11:56 am | |
| Valtteri Kokkoniemi | Mar 27, 2009 5:17 am | |
| Kim Haase | Mar 27, 2009 6:43 am | |
| Kedar Mhaswade | Mar 27, 2009 9:30 am |
| Subject: | Re: Mysterious listener security | |
|---|---|---|
| From: | Kedar Mhaswade (Keda...@Sun.COM) | |
| Date: | Mar 25, 2009 10:02:06 am | |
| List: | net.java.dev.glassfish.admin | |
I agree. This could be worded so it makes the purpose explicit. As of now, when you click this box, "security-enabled" attribute of the http-listener is set to true. For such a listener the actual *transport layer security* is provided by the enclosed element named "ssl". Thus, this screen configures the following in (domain.xml):
<http-listener security-enabled="true/false" ...> <ssl cipher-suites=" ..." alias=" ..." ../> </http-listener>
Hope that explains.
-Kedar
Valtteri Kokkoniemi wrote:
In HTTP listener configuration there's a checkbox labeled "Security". Documentation explains it only as "Security: Check this box if you want to create a listener that is secure".
It seems highly likely that the said box probably should be checked in production or the server is going to do something I'd rather prefer it not to, but what? What does the checkbox actually do? This is interesting question, since setting will, without any further explanation, make listener "secure" or not and therefore the very definition of "secure" is left unexplained.
I'd like to know what the setting actually affects and would suggest the explanation to be added to the documentation, too.