Hi Andreas, 
  You can setup Tomcat to run over SSL and accept connections at port
443 (or other port of your choice). Here are some links:
http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html 

This is also a great tutorial:
http://mircwiki.rsna.org/index.php?title=Configuring_Tomcat_to_Support_SSL 

The official documentation is found at:
http://www.apachefrance.com/Manuels/Tomcat_3.0/tomcat-ssl-howto.html 

Best regards,
Pantelis

On Tue, 2010-06-29 at 15:35 +0200, Andreas Maunz wrote:

> Luchesar V. ILIEV wrote on 06/29/2010 02:21 PM:
> > So, to summarize, the question is: how easy for the policy service
> > would it be to check the SAN entries in the client certificate used in
> > the SSL/TLS connection against the URL for which a policy is submitted
> > through that secure channel?
> 
> I agree SSL is most probably the more sane way. But it is also more 
> difficult to set up.
> Currently, the A&A server runs as a virtual machine and SSL connections 
> (which are as you know already possible) are currently handled by the 
> host machine.
> I would have to forward SSL to the guest machine, where OpenSSO can not 
> be switched into "SSL mode" so easily.
> 
> Currently I have:
> Tomcat webserver running as webapplication (WAR):
> 1) OpenSSO
> 2) Policy service
> 
> Let me check out how this would be possible- the policy service should 
> not be the problem.
> 
> Best regards
> Andreas
> _______________________________________________
> Development mailing list
> Development at opentox.org
> http://www.opentox.org/mailman/listinfo/development
>