starting HOWTO SSLEXT

Help
2005-03-01
2013-06-04
  • Al Capone KRC
    Al Capone KRC
    2005-03-01

    Than you guys. I can't event tell how much you helped me. I was starting to kill my self using mouse wire ;)

     
  • ur4
    ur4
    2005-03-14

    Could someone post a more complete example of  a stuts-config.xml file that specifies an action as 'secure'? I'm having the same problem Lars mentioned: 3a works fine but 3b seems to be ignored.

    Thanks

     
  • Nam Nguyen
    Nam Nguyen
    2005-04-03

    Hi all,

    I've tried everything I've read but to no avail. I used Jboss 4.0.1. And The error I got is:

    HTTP Status 404 - Servlet action is not available

    --------------------------------------------------------------------------------

    type Status report

    message Servlet action is not available

    description The requested resource (Servlet action is not available) is not available.

    --------------------------------------------------------------------------------

    Apache Tomcat/5.0.28
    --------------------------------------------------------------

    Much appreciate if you could point out what might been
    the cause. Thanks.

    ---Nam Nguyen

     
  • Hamish
    Hamish
    2006-01-26

    In reply to ur4...

    Use Steve's step 2 (he wrote it after all so aught to know) as I understand it this is required because the action could be called from the wrong protocol so you need to be able to handle this and force your will on the pesky thing. If it's any concillation it's taken me ages to get this working but when you do it's very slick indeed - cheers Steve et al.

    For those that were like me two days ago and totally lost in the absecnce of documentation read on

    1)get the source for your version of struts from the forge and paste into your project source directory (.jar file isn't there anymore)

    I got the .tld from the demo app (which didn't work :) in Steve's article mentioned above - stick it in WEB-INF

    then use this cut down struts-config.xml for an app using tiles and DispatchAction as a template..

    <?xml version="1.0" encoding="ISO-8859-1"?>
    <!DOCTYPE struts-config PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 1.2//EN"
                                   "http://struts.apache.org/dtds/struts-config_1_2.dtd">
    <struts-config>

    <data-sources/>

    <form-beans>
      <form-bean name="homeForm" type="uk.co.mediatools.mtweb.actionForms.HomeActionForm"/>
    </form-beans>

    <global-exceptions/>

    <global-forwards/>

      <action name="myForm" parameter="dispatch" path="/myFirstAction"
       scope="session" type="com.domain.MyFirstAction" validate="false" input=".input_page">

       <set-property property="secure" value="true"/>

       <forward name="goRight" path=".right_page"/>
       <forward name="goLeft" path=".left_page"/>
      </action>

      <action name="herForm" parameter="dispatch" path="/herAction"
       scope="session" type="com.domain.HerAction" validate="false" input=".her_page">

       <set-property property="secure" value="false"/>

       <forward name="anywhere" path=".anywhere_page"/>

      </action>
    </action-mappings>

    <controller processorClass="org.apache.struts.action.SecureTilesRequestProcessor" />

    <message-resources parameter="resources.ApplicationResources"/>

    <!--Tiles Plugin-->
    <plug-in className="org.apache.struts.tiles.TilesPlugin">
      <set-property property="definitions-config" value="/WEB-INF/tiles-defs.xml"/>
      <set-property property="moduleAware" value="true"/>
    </plug-in>

    <!-- Validator Configuration -->
    <plug-in className="org.apache.struts.validator.ValidatorPlugIn">
      <set-property property="pathnames" value="/WEB-INF/validator-rules.xml, /WEB-INF/validation.xml"/>
    </plug-in>

    <!-- SSLEXT PLUGIN -->
    <plug-in className="org.apache.struts.action.SecurePlugIn">
        <set-property property="httpPort" value="8080"/>
        <set-property property="httpsPort" value="8443"/> 
        <set-property property="enable" value="true"/> 
    </plug-in>

    </struts-config>

    Note if you're using e.g. apache httpd server to handle the SSL simply specify the ports you're using default 80 and 443 instead of 8080 and 8443

    Happy Coding

    H

     
  • techpal
    techpal
    2006-02-24

    Thats hand full of information, thank you all for the effort.

    I have a basic question, does this ssl ext 1.2 works good for struts 1.2.8, as I see latest version of ssl ext is 1.2 which is dated 2004 october.

    -TP

     
  • LukeL
    LukeL
    2006-11-28

    Probably a bit late, but for future benefit:

    1 - HTTP Status 404 - Servlet action is not available

    Are you sure your container has HTTPS (SSL) enabled?  I had this problem with Tomcat until I figured out the HTTPS connector wasn't enabled.  Have a read of the docs for your container.

    2 - Does this SSL ext 1.2 work for struts 1.2.8?

    Yes.  I use Struts 1.2.8 and SSLEXT is working fine as far as I can see.

    Good work SLLEXT guys, this is an excelent extension and very easy to use.