Java Reference
In-Depth Information
"<p>Or view <a href=\""
+
VIEW_SOURCE_URL
+
"\">"
+
"the WebServer0 source on github</a>.</p>\n"
+
"<hr/><em>Java-based WebServer0</em><hr/>\n"
+
"</html>\n"
;
os
.
print
(
"Content-length: "
+
(
reply1
.
length
() +
from
.
length
() +
reply2
.
length
()) +
CRLF
);
os
.
print
(
CRLF
);
os
.
print
(
reply1
+
from
+
reply2
+
CRLF
);
os
.
flush
();
s
.
close
();
}
catch
catch
(
IOException e
) {
System
.
out
.
println
(
"IOException "
+
e
);
}
return
return
;
}
}
Securing a Web Server with SSL and JSSE
Problem
You want to protect your network traffic from prying eyes or malicious modification, while
the data is in transit.
Solution
Use the Java Secure Socket Extension, JSSE, to encrypt your traffic.
Discussion
JSSE provides services at a number of levels, but the simplest way to use it is simply to get
your
ServerSocket
from an
SSLServerSocketFactory
instead of using the
ServerSocket
constructor directly. SSL is the Secure Sockets Layer; a revised version is known as TLS. It
is specifically for use on the Web. To secure other protocols, you'd have to use a different
form of the
SocketFactory
.
The
SSLServerSocketFactory
returns a
ServerSocket
that is set up to do SSL encryption.
HTTP Protocol
.
If you're thinking this is too easy, you're wrong!