Home » Eclipse Projects » Remote Application Platform (RAP) » RAP, Tomcat and SSL
RAP, Tomcat and SSL [message #478764] |
Thu, 06 August 2009 18:32 |
Benjamin Wolff Messages: 136 Registered: July 2009 |
Senior Member |
|
|
Hi,
using Tomcat as container and enabling SSL leads to error, that the browser that
accesses the RAP app reports that there is mixed content, meaning that there are
some sources that are not encrypted. this causes the page to be displayed as not-secure.
there already was a topic about a similar problem in this newsgroup, but this time
this happens with firefox (3.5.2) as well as with IE 8. the ssl encryption works because
when accessing the tomcat html manager the site is correctly marked as secure and encrypted.
related qooxdoo bugs can be found here:
http://bugzilla.qooxdoo.org/show_bug.cgi?id=1021
http://bugzilla.qooxdoo.org/show_bug.cgi?id=890
http://bugzilla.qooxdoo.org/show_bug.cgi?id=710
but strange is that this problem also occures with firefox.
i don't use any absolute paths or redirects to possibly unsecure http links...
i do use .png, .gif and .jpg pictures though.
i could not track down the ressources which the browser blames to be unsafe,
maybe anyone can confirm this problem, or maybe someone has a clean ssl/tomcat environment
and could explain his setup so we can track down any differences?!
can we excluded, that RAP loads any 'unsecure' elements?!
greetings,
ben
|
|
|
Re: RAP, Tomcat and SSL [message #478776 is a reply to message #478764] |
Thu, 06 August 2009 19:15 |
Benjamin Wolff Messages: 136 Registered: July 2009 |
Senior Member |
|
|
Hello again,
i could figure out what caused this behaviour. i'm using the (gorgeous) google visualization
example from the inqle project by David Donohue.
in the file org.inqle.ui.google.widgets/src/org/inqle/ui/google/jsapi/Go ogleAPIResource.java
there is a link to the google json api (location = "http://www.google.com/jsapi";) which
is loaded during startup, thus causing the non-secure content in the browser.
to workaround this problem the location has to be changed to a secure source: location = "https://www.google.com/jsapi";
done! :)
Benjamin Wolff schrieb:
> Hi,
>
>
> using Tomcat as container and enabling SSL leads to error, that the
> browser that
> accesses the RAP app reports that there is mixed content, meaning that
> there are
> some sources that are not encrypted. this causes the page to be
> displayed as not-secure.
>
> there already was a topic about a similar problem in this newsgroup, but
> this time
> this happens with firefox (3.5.2) as well as with IE 8. the ssl
> encryption works because
> when accessing the tomcat html manager the site is correctly marked as
> secure and encrypted.
>
> related qooxdoo bugs can be found here:
>
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=1021
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=890
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=710
>
> but strange is that this problem also occures with firefox.
> i don't use any absolute paths or redirects to possibly unsecure http
> links...
> i do use .png, .gif and .jpg pictures though.
>
> i could not track down the ressources which the browser blames to be
> unsafe,
> maybe anyone can confirm this problem, or maybe someone has a clean
> ssl/tomcat environment
> and could explain his setup so we can track down any differences?!
>
> can we excluded, that RAP loads any 'unsecure' elements?!
>
>
> greetings,
>
> ben
|
|
|
Re: RAP, Tomcat and SSL [message #478848 is a reply to message #478764] |
Fri, 07 August 2009 08:51 |
Stefan Messages: 316 Registered: July 2009 |
Senior Member |
|
|
The current RAP-Version still has a problem with css background-images
in IE when running under SSL. See this bug
https://bugs.eclipse.org/bugs/show_bug.cgi?id=285815
Invisible Widgets with BackgroundImage causes an unsecure content
warning in IE using SSL
Regards,
Stefan.
Benjamin Wolff schrieb:
> Hi,
>
>
> using Tomcat as container and enabling SSL leads to error, that the
> browser that
> accesses the RAP app reports that there is mixed content, meaning that
> there are
> some sources that are not encrypted. this causes the page to be
> displayed as not-secure.
>
> there already was a topic about a similar problem in this newsgroup, but
> this time
> this happens with firefox (3.5.2) as well as with IE 8. the ssl
> encryption works because
> when accessing the tomcat html manager the site is correctly marked as
> secure and encrypted.
>
> related qooxdoo bugs can be found here:
>
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=1021
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=890
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=710
>
> but strange is that this problem also occures with firefox.
> i don't use any absolute paths or redirects to possibly unsecure http
> links...
> i do use .png, .gif and .jpg pictures though.
>
> i could not track down the ressources which the browser blames to be
> unsafe,
> maybe anyone can confirm this problem, or maybe someone has a clean
> ssl/tomcat environment
> and could explain his setup so we can track down any differences?!
>
> can we excluded, that RAP loads any 'unsecure' elements?!
>
>
> greetings,
>
> ben
|
|
| | |
Goto Forum:
Current Time: Tue Apr 23 16:03:34 GMT 2024
Powered by FUDForum. Page generated in 0.03780 seconds
|