From: V B Kumar Jayanti <Vbkumar.Jayanti_at_Sun.COM>
Date: Wed, 24 Oct 2007 14:34:01 +0530

Saloustros Georgios wrote:

> Hello.
> I have deployed a web application in glassfish.
> The application (is .war) file uses https for authentication(username
> and password).
> How should I enable https for glassfish?

Add a security-constraint having transport-guarantee CONFIDENTIAL to
web.xml, see sample below.
<security-constraint>
        <display-name>Constraint1</display-name>
        <web-resource-collection>
            <web-resource-name>SecurePages</web-resource-name>
            <description>Secure Pages</description>
            <url-pattern>/secure/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>wsit</role-name>
            </auth-constraint>
        <user-data-constraint>
            <description/>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
 </security-constraint>

Thanks.