Hi, if you want parts to be accessible only with RSA, this part must use a SSL certificate that accepts only RSA. This has to be decided when generating certificates. So your different security levels must use different certificates. One way to do this is to create different connectors (different ips or different ports) that use different certificates. You can then control, on each connector, which webapps are accessible. Am sorry, but i don't think j2ee specs provides anything else than transport-guarantee which can only take NONE, INTEGRAL or CONFIDENTIAL so you will probably have to split your application in several webapps on several ports/domains...
En l'instant précis du 03/09/07 09:42, Christian Andersson s'exprimait en ces termes: > I'm sorry that I'm asking this directly without havinge done that much > research on this matter, but I'm hard pressed on time, and I'm currently > traveling so I have a very limited access to the net. > > my question is as follows > > I have an webapplication that the users are connecting to via https. > IS it possble for this webappto get information about the encryption > protocol (ssl2/ssl3/tls/etc...) and algoritms > (TLS_RSA_WITH_RC4_128_MD5/TLS_RSA_WITH_RC4_128_SHA/etc) used? > > I'm currently looking at securing a website with different grades of > security depending on the type of connection (for example you need RSA > with 256bit key to access some parts but other parts you only need > 3DES), so the the less secure connection, the less information/options > will be provided. > > > > > ------------------------------------------------------------------------ > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -- http://www.noooxml.org/ --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
