NOTE: These slides have not been updated since 2003. They have been superseded by the book
An Introduction to XML and Web Technologies
Addison-Wesley, and the accompanying online material. Please see
http://www.brics.dk/ixwt/
for more information.
Anders Møller and Michael Schwartzbach, February 2006
INTERACTIVE WEB SERVICES WITH JAVA
SSL - Secure Sockets Layer
SSL
- the Secure Sockets Layer can be inserted between the
application layer
(HTTP) and the
transport layer
(TCP).
using cryptography, it provides
privacy and reliability
of client-server communication and
authentication of the server
first, a secure channel is set up using (slow) public-key encryption (e.g. RSA) to generate a shared secret
subsequently, communication is performed using (fast) symmetric encryption (e.g. DES)
for Web services, just use the
https
protocol in URLs (assuming that a
trusted certificate
is generated for the server)
J2SE 1.4 contains
Java Secure Socket Extension (JSSE)
providing full Java support for SSL (
javax.net.ssl
)
COPYRIGHT © 2002-2003 ANDERS MØLLER & MICHAEL I. SCHWARTZBACH