hi
i am trying to load data onto my laszlo app using ssl. i have a cert and have it installed on my machine, i am just wondering if it is possible to create a new connector on the tomcat-5.0.24 server that the lps-2.2.1 comes on (i am using the tomcat-5.0.24 to convert data from my database to xml).
This function is usually provided at the http://localhost:8080/admin page of the tomcat server but this appears to be missing on your version.
I would like to create a connector with the settings
type=HTTPS
Secure=True
Port Number=8443
Keystore Filename=c:\ssl\server\server.ks

Is it possible to do this or should i just install another(normal) version of tomcat to handle the SSl and connecting to the database?

I couldn't get this working with the LPS in proxy mode, but was able to make things work using the 3.0b2 version to compile the SWF in unproxied mode. See this thread about it: http://www.laszlosystems.com/developers/community/forums/showthread.php?s=&threadid=2564

The unproxied method is simpler for my purposes because it doesn't require yet another server in the mix.

One more thing. Here is the connector I used to set up a working SSL port on the included tomcat server:


<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
keystoreFile="/path-to/lps-3.0b2/Server/tomcat-5.0.24/conf/keystore"
keystorePass="abcdefg"
clientAuth="false" sslProtocol="TLS" />

Thanks a million for your help. We are currently installing the newer version of LPS. Will see how we get on, and let you know our findings!

I upgraded to the newer version and got ssl working. We know it is working but how does the end user know. There is no little padlock on the bottom of my browser and as only the datasets are encrypted the address bar starts with http:// not https://

Thanks a million for all you help with it all! We were wondering there for a while whether it would be possible at all or not!

Originally posted by dreais
I upgraded to the newer version and got ssl working. We know it is working but how does the end user know. There is no little padlock on the bottom of my browser and as only the datasets are encrypted the address bar starts with http:// not https://

Thanks a million for all you help with it all! We were wondering there for a while whether it would be possible at all or not!

You should connect to your LPS server on the HTTPS port and make sure that everything works when going over the SSL connection. There is a good data tester in this directory of your installation (assuming your server is at localhost:8443):

https://localhost:8443/lps-3.0b2/examples/xmldata/xmldata.lzx

Go through all the methods and click the load button for each. Make sure that your secure port is the same as is listed in the form.

I am assuming that if the LPS serves the SWF files over a secure connection, then all the data requests will also be over the same secure connection by default. (Someone from Laszlo should correct me if my assumption is not right.)

Another good test would be to turn off the non-SSL connector in tomcat and see if anything stops working.

As I mentioned before, I'm not using the LPS in proxy mode, so the above information does not apply to my particular situation. I'm only using the LPS to create stand-alone SWF files, which I copy to my other Apache HTTPS server for use in unproxied mode. When doing this, Flash will make the HTTPS calls directly instead of having to go through the LPS.

Thank you for that information. I'm now definate that the data being transfered is encrypted using SSL. What I'm wondering is how the end user will know as there is no way of indicating this except for us telling them. I'm sure alot of people would trust this though!

Originally posted by dreais
Thank you for that information. I'm now definate that the data being transfered is encrypted using SSL. What I'm wondering is how the end user will know as there is no way of indicating this except for us telling them. I'm sure alot of people would trust this though!

You could make a statement in the program, or in a place before the program launches, that stated your security precautions. However, I still think the best thing to do is serve the application over an SSL connection from the start. Then, the browser's lock icon will appear, as well as https being listed in the URL.

my xmldata loads ok over https but my dataset loading via struts-actions never calls ondata event.
is there any issue on laszlo+struts over https?