| <?xml version="1.0" encoding="UTF-8"?> |
| <!DOCTYPE html |
| PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| <html> |
| <head> |
| <link rel="stylesheet" type="text/css" href="../../com.ibm.help.doc/swg_info_common.css" /> |
| <title>Creating a custom tag library</title> |
| <script language="JavaScript"> |
| function popup_window( url, id, width, height ) |
| { |
| popup = window.open( url, id, 'toolbar=no,scrollbars=no,location=no,statusbar=no,menubar=no,resizable=no,width=' + width + ',height=' + height + ',left=,top=' ); |
| popup.focus(); |
| } |
| </script><script language="JavaScript" src="help/liveHelp.js"></script></head> |
| <body> |
| |
| <div class="nested0" id="tcreatetag"><a name="tcreatetag"><!-- --></a><h1 class="topictitle1">Creating a custom tag library</h1> |
| <div><div class="skipspace"> <p>The steps involved in creating a custom tag library are best |
| |
| illustrated by example. The following example shows you the steps for creating |
| |
| a new tag library called <i>sslCheck</i>. This library uses Secure Socket |
| |
| Layer (SSL) for securing your Web site. SSL allows a secure connection between |
| |
| your Web browser and a Web server, and the <i>sslCheck</i> tag provides a |
| |
| flexible way of using secure connections. The tag can be used in any JSP script, |
| |
| including Java and JavaScript. </p> |
| <p>The following simple |
| |
| tag implementation checks the protocol used, then redirects the user to the |
| |
| secure page or to an error page, depending on the parameterization of the |
| |
| tag (explained later). This secure connection implementation only works for |
| |
| JSP pages (server-side dynamically running pages), and not for HTML (static) |
| |
| pages. </p> |
| <div class="p">Two files must be created for the new tag:<ul><li><i>sslCheck.java</i> - the Java implementation of the tag</li> |
| <li><i>sslCheck.tld</i> - the taglib definition for the new tag</li> |
| </ul> |
| </div> |
| </div> |
| </div> |
| </div> |
| <div class="nested0" id="task"><a name="task"><!-- --></a><h1 class="topictitle1">Create sslCheck .java</h1> |
| <div><div class="skipspace">From the Java perspective: </div> |
| <ol><li class="skipspace"><span>Select <span class="uicontrol">YourApp</span>.</span></li> |
| <li class="skipspace"><span>Select <span class="menucascade"><span class="uicontrol">File</span> > <span class="uicontrol">New</span> > <span class="uicontrol">Class</span></span>. Type the following in the New Java Class |
| |
| window: </span> <ul><li><span class="uicontrol">Package:</span> com.ibm.entry.security </li> |
| <li><span class="uicontrol">Name:</span> sslCheck</li> |
| <li><span class="uicontrol">Superclass:</span> java.lang.Object</li> |
| </ul> |
| </li> |
| <li class="skipspace"><span>Click <span class="uicontrol">Finish</span>.</span> The source |
| |
| file will open automatically. </li> |
| <li class="skipspace"><span>Delete the automatic code and replace it with the following code:</span> <pre>package com.ibm.entry.security; |
| |
| import java.io.*; |
| |
| import javax.servlet.http.*; |
| |
| import javax.servlet.jsp.*; |
| |
| import javax.servlet.jsp.tagext.TagSupport; |
| |
| |
| |
| public class sslCheck extends TagSupport { |
| |
| |
| |
| private String errorpage=null; |
| |
| |
| |
| public void setErrorpage(String errorpage) { |
| |
| this.errorpage=errorpage; |
| |
| } |
| |
| |
| |
| public int doStartTag() throws JspException { |
| |
| try { |
| |
| HttpServletRequest request=(HttpServletRequest)pageContext.getRequest(); |
| |
| HttpServletResponse response=(HttpServletResponse)pageContext.getResponse(); |
| |
| if(request.getScheme().indexOf("https")==-1) { |
| |
| if(errorpage!=null) { |
| |
| // redirect to the error page |
| |
| response.sendRedirect(errorpage); |
| |
| } else { |
| |
| // redirect to the page using ssl |
| |
| String jumpURL="https://"+request.getServerName()+request.getRequestURI(); |
| |
| if(request.getQueryString()!=null) jumpURL+="?"+request.getQueryString(); |
| |
| response.sendRedirect(jumpURL); |
| |
| } |
| |
| return SKIP_PAGE; |
| |
| } |
| |
| } catch (IOException ioe) { |
| |
| throw new JspTagException("sslcheck tag failed"); |
| |
| } |
| |
| return EVAL_BODY_INCLUDE; |
| |
| } |
| |
| |
| |
| public int doEndTag() { |
| |
| return EVAL_PAGE; |
| |
| } |
| |
| } </pre> |
| </li> |
| <li class="skipspace"><span>Save and close the file.</span></li> |
| </ol> |
| </div> |
| </div> |
| <div class="nested0" id="task2"><a name="task2"><!-- --></a><h1 class="topictitle1">Create sslCheck.tld</h1> |
| <div><div class="skipspace">The tag must be defined in a TLD file. To create the TLD file from |
| |
| the Web perspective: </div> |
| <ol><li class="skipspace"><span>Select <span class="uicontrol">YourApp</span>.</span></li> |
| <li class="skipspace"><span>Select the Web module <span class="uicontrol">WEB-INF</span>.</span></li> |
| <li class="skipspace"><span>Right-click the <span class="uicontrol">WEB-INF/tlds</span> folder.</span></li> |
| <li class="skipspace"><span>Select <span class="menucascade"><span class="uicontrol">New</span> > <span class="uicontrol">File</span></span>.</span></li> |
| <li class="skipspace"><span>Name the file <kbd class="userinput">sslCheck.tld</kbd>.</span></li> |
| <li class="skipspace"><span>Click <span class="uicontrol">Finish</span>.</span> The source |
| |
| file will open automatically. Delete the automatic code and replace it with |
| |
| the following code: <pre><?xml version="1.0" encoding="UTF-8"?> |
| |
| <taglib> |
| |
| <tlibversion>1.0</tlibversion> |
| |
| <shortname>sslchk</shortname> |
| |
| <info>Tag library for checking SSL</info> |
| |
| <tag> |
| |
| <name>sslcheck</name> |
| |
| <tagclass>com.ibm.entry.security.sslCheck</tagclass> |
| |
| <bodycontent>empty</bodycontent> |
| |
| <attribute> |
| |
| <name>errorpage</name> |
| |
| <required>false</required> |
| |
| <rtexprvalue>true</rtexprvalue> |
| |
| </attribute> |
| |
| </tag> |
| |
| </taglib></pre> |
| </li> |
| <li class="skipspace"><span>Save and close the file.</span></li> |
| </ol> |
| </div> |
| </div> |
| <div class="nested0" id="task3"><a name="task3"><!-- --></a><h1 class="topictitle1">Using the tag</h1> |
| <div><div class="skipspace">Before the <i>sslcheck</i> tag can be used, the following taglib |
| |
| reference must be made.</div> |
| <ol><li class="skipspace"><span>Place the following taglib definition on the first line of the |
| |
| JSP source file:</span> <pre><%@ taglib uri="/WEB-INF/tlds/sslCheck.tld" prefix="sslchk" %></pre> |
| </li> |
| <li class="skipspace"><span>Immediately after the taglib definition, place one of the following |
| |
| SSL checking tag in the code. You can use the tag with or without the <samp class="codeph">errorpage</samp> attribute.</span> |
| <table border="1" frame="hsides" rules="rows" cellpadding="4" cellspacing="0" summary="" class="skipspace"> |
| <tbody> |
| <tr><th align="left" valign="bottom" id="d0e182">Option</th> |
| <th align="left" valign="bottom" id="d0e184">Description</th> |
| </tr> |
| <tr><td align="left" valign="top" id="d0e187" headers="d0e182"><b><samp class="codeph"><sslchk:sslcheck errorpage="error_page"/></samp></b></td> |
| <td align="left" valign="top" headers="d0e184 d0e187">When the request goes to the JSP and it is not using SSL, the page |
| |
| defined with the <samp class="codeph">errorpage</samp> attribute will be displayed. You |
| |
| must create the error page with the error messages before you start using |
| |
| the application.</td> |
| </tr> |
| <tr><td align="left" valign="top" id="d0e196" headers="d0e182"><b><samp class="codeph"><sslchk:sslcheck/></samp></b></td> |
| <td align="left" valign="top" headers="d0e184 d0e196">Using |
| |
| the tag without the <span>errorpage</span> attribute will redirect the page immediately |
| |
| to the same location but using a secure connection. </td> |
| </tr> |
| </tbody></table> |
| </li> |
| <li class="skipspace"><span>Save and close the file.</span></li> |
| </ol> |
| </div> |
| </div> |
| <div class="nested0" id="task4"><a name="task4"><!-- --></a><h1 class="topictitle1">Set up the SSL transport</h1> |
| <div><div class="skipspace">If you are deploying to a WebSphere<sup>®</sup> V5 or V5.1 server, you need to set |
| |
| up the SSL transport for the test application server before you can test the |
| |
| SSL connection in the development environment. To set up the SSL transport, |
| |
| complete the following steps:</div> |
| <ol><li class="skipspace"><span>From the from the J2EE perspective, open the test server configuration |
| |
| (WebSphere Administrative |
| |
| Domain) for the document distribution application.</span></li> |
| <li class="skipspace"><span>Click the <span class="uicontrol">Ports</span> tab.</span></li> |
| <li class="skipspace"><span>Click on <span class="uicontrol">Add</span> next to the HTTP transport |
| |
| list. Supply the following values:</span> <ul><li><span class="uicontrol">Host name:</span> <kbd class="userinput">*</kbd> (asterisk)</li> |
| <li><span class="uicontrol">Port:</span> <kbd class="userinput">443</kbd></li> |
| </ul> |
| </li> |
| <li class="skipspace"><span>Check the <span class="uicontrol">Enable SSL</span> check box.</span></li> |
| <li class="skipspace"><span>Check the <span class="uicontrol">External</span> check box.</span></li> |
| <li class="skipspace"><span>Click <span class="uicontrol">OK</span>.</span></li> |
| <li class="skipspace"><span>Save and close the file.</span></li> |
| </ol> |
| <div class="skipspace">SSL transport is now set for the test application server and you can |
| |
| test SSL connection in the development environment. The embedded HTTP server |
| |
| is using a dummy SSL server certificate for the test server. If you want to |
| |
| change the certificate, use the iKeyman utility. The dummy SSL server certificate |
| |
| is located in the following location:<pre><install directory>\eclipse\plugins\org.eclipse.jst.websphere.runtime\etc\DummyServerKeyFile.jks</pre> |
| <kbd class="userinput">WebAS</kbd> is the password for the JKS file.</div> |
| </div> |
| </div> |
| <div class="nested0" id="task5"><a name="task5"><!-- --></a><h1 class="topictitle1">Test the tag</h1> |
| <div><ol><li class="skipspace"><span>Open the file <span class="filepath">login/login.jsp</span> and click the |
| |
| Source tab.</span></li> |
| <li class="skipspace"><span>Place the following lines at the top of the file: </span> <pre><%@ taglib uri="/WEB-INF/tlds/sslCheck.tld" prefix="sslchk" %> |
| |
| <sslchk:sslcheck/></pre> |
| </li> |
| <li class="skipspace"><span>Save the file.</span></li> |
| <li class="skipspace"><span>Start the application, and then log in.</span></li> |
| </ol> |
| <div class="skipspace">The browser will notify you that the site is accessed using a secure |
| |
| connection. If the application is using frames, and one or more of the frames |
| |
| is using secure connection, the location in the browser will remain <span>"http"</span> and |
| |
| will not change to <span>"https"</span> .</div> |
| </div> |
| </div> |
| <p> |
| (C) Copyright IBM Corporation 2000, 2005. All Rights Reserved. |
| </p> |
| </body> |
| </html> |