NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator's Guide (596210-006)
Security Considerations
HTTPS Client Authentication
End-user authentication over HTTPS (HTTP over SSL) requires the client to
possess a Public Key Certificate (PKC). Both NSJSP and the iTP Secure WebServer
support X.509 version 3 certificates. To configure a web application for HTTPS
client authentication, set the authentication type in its web.xml file to
CLIENT-CERT.
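
A web.xml descriptor that selects CLIENT-CERT, shown as an added example that is not taken from the NSJSP guide. The descriptor version, the /secure/* URL pattern and the app-user role name are assumptions chosen for illustration.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example. The descriptor version, URL pattern and role name
     are assumptions; use the values that match your application. -->
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Protected area</web-resource-name>
      <url-pattern>/secure/*</url-pattern>
      <!-- No http-method elements: the constraint then applies to every
           HTTP method. Listing only some methods leaves the others open. -->
    </web-resource-collection>
    <auth-constraint>
      <!-- Only authenticated users holding this role may access the area. -->
      <role-name>app-user</role-name>
    </auth-constraint>
    <user-data-constraint>
      <!-- Require an encrypted transport, so the protected area is never
           served over plain HTTP, where no client certificate exists. -->
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <login-config>
    <!-- The setting described above: authenticate the user by the X.509
         certificate presented during the SSL handshake. -->
    <auth-method>CLIENT-CERT</auth-method>
  </login-config>

  <!-- Every role named in an auth-constraint is declared here. -->
  <security-role>
    <role-name>app-user</role-name>
  </security-role>

</web-app>
```

The role named in the constraint must be one that the Realm associates with the authenticated user.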
Realms
Although the Java Servlet specification describes a portable mechanism for
applications to declare their security requirements (in the web.xml deployment
descriptor), a portable API that defines the interface between a servlet container and
the associated user and role information is not available. Therefore, a database of
usernames and passwords is required to validate the users. A Realm is such a
database of usernames and passwords that identify valid users of a web application (or
a set of web applications) with a list of the roles associated with each valid user. Roles
are similar to groups in UNIX-like operating systems because access to specific web
Figure 8-4. Logon Page for a Form-Based Authentication










