you'd be walking in a security hazard, but you could probably set the
cookie to secure even though it is running in http.
in org.apache.catalina.connector.Request.java, the cookie is set,
as you can see, last few lines, that the cookie is only set to secure if
the request is considered secure.
It's not enough to just simply change HttpURLConnection to
HttpsURLConnection, there are a few more actions required.
Have a look at this (it definately works), maybe you'll get the idea
what is going wrong on your side:
http://java.sun.com/developer/technicalArticles/Security/secureinternet2/
If I get a HttpsURLConnection like you've said, and then get an
InputStream as connection.getInputStream(), I can't read anything from
that stream, and metthod InputStream.available() returns 0. All this is
true if you use a 'https' url, not a 'http' one.
You can try it one day when you have en
I don't see why you shouldn't be able to use the class java.net.URL
with HTTPS, actually, it should work:
Url url = new URL("https//www.yourweb.com");
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
However, never have tried it myself since personally I believe that
A
Ok. I can't use https from applet because I've realized that you can't
use methods like url.openConnection() nor url.openStream() if url is
'https' like.
This applet has to get images from server. You'll ask why I donĀ“t use
getImage() or Toolkit.getImage(), the answer is that we don't work with
afaik there is no way to do that since this would break the
security-concepts of https.
you might be able to store the data needed in a dbms or a flat file,
however, that's a very poor design-concept, imho.
maybe you'd like to let us know why that requirement is?
cheers
greg
--
what's puzzlin'
