Managing Jetty Security
SSL in Jetty
Secure Sockets Layer (SSL) is a protocol designed to enable secure communications on an insecure network such as the Internet. SSL provides encryption and integrity of communications along with strong authentication using digital certificates. SSL allows a secure connection between a client and a web server.
SSL uses public and private keys to encrypt and decrypt information. Public key encryption is a technique that uses a pair of asymmetric keys for encryption and decryption. Each pair of keys consists of a public key and a private key. The public key is made public when it is distributed widely. The private key is never distributed; it is always kept secret.
Data that is encrypted with the public key can only be decrypted with the private key. Conversely, data that is encrypted with the private key can be decrypted only with the public key. This asymmetry is the property that makes public key cryptography so useful.
The public key is shared between the client and the server, whereas the private key is kept private by the client as well as the server.
The steps to be followed in using SSL in Jetty are as follows:
Basic Authentication in Jetty
Basic authentication allows restricting users who can access the resources by means of a password. For more information on configuring, refer Using Basic Authentication with the Jetty Server