Unwired Accelerator uses Secure Sockets Layer (SSL), a security protocol that provides communications privacy over the Internet when transmitting data between client and server. Unwired Accelerator uses HTTP or HTTPS, depending on the secure_login setting in global.properties.xml:
If the parameter is set off, HTTP is enabled for Unwired Accelerator.
If the parameter is set on, HTTPS is enabled for Unwired Accelerator, and HTTPS is used for login and registration.
If secure_login is set on (true), keep in mind the following:
If you start your Portal Interface session
using https://host.domain:port/onepage/index.jsp (note
the s in https),
your entire session remains under HTTPS all the time, even while retrieving
things that do not need to be secured, such as images, CSS, and JavaScript
files.
If you start your Portal Interface session using http://host.domain:port/onepage/index.jsp (note http only), your
browser is redirected to use HTTPS only when you are exchanging sensitive
information like passwords and personalization data, or executing
secure applications.
You must enable the HTTPS listener on your portal before
you enable secure_login. To do so, set
the default_https_port property
in the global.property.xml file to the appropriate
port number (the defaults are 4443 from the Tomcat listener, and
8081 for the EAServer listener), then enable secure_login.
To enable Web capture of HTTPS sites and creation of “secure” applications, set these parameters on in the global.properties.xml file:
secure – indicates whether to enable HTTPS for the Web container (Mobile Web Studio and Portal Interface).
use_https – indicates whether to enable secure navigation.
See “Global property group” for more information about the secure, secure_login, use_https and default_https_port properties.
| Copyright © 2005. Sybase Inc. All rights reserved. |
|
|
