Securing Web Apps on Tomcat with SSL

摘要

Web applications can be made secure to ensure confidentiality and data integrity by running sensitive network traffic on HTTPS. Most Web applications conform to a three-tier architecture working over a disconnected protocol (HTTP), which maintains the state and information on the server. Because of this remote and disconnected nature, Web applications can become vulnerable to hackers. Here comes the need of data integrity and confidentiality. Data integrity means that the data that arrives is the same as the data that was sent. In other words, nobody tampered with it along the way.