J2EE Cheat Sheet
Directory layout
webapps
place .war's here
app name
place .jsp file here and in application specific subdirectories
WEB-INF
classes
place class's here
place .properties files here too
lib
place .jar's here
META_INF
place MANIFEST.MF here This directory and file are optional.
SSL
The use of tomcat with ssl requires what is commonly known as a certificate. This is a confusion piece of terminology. Actually, when ou need is a cryptographically signed certificate. Specifically, a cryptographically signed public key. The system works like this. First, you generate a keypair for your server. then you build a csr ( Cerificate Signing Request ) which you send to a CA ( Certificate Authority ). The CA creates a secure hash of the public key and returns that to the requester who installs it on their server.
Now when the client connects to the secured tomcat, they recieve the certificate. They forward the certificate to the CA. The CA decode the cert and returns it. The client verifies that the unwrapped public key belongs to the domain they are accessing, that it hasn't expired, and comences to use the public key to converse with the secured tomcat. If the cert has expired, the client warns the user. If the public key does not belong to the server they are accessing, the client warns the user. If the public key is not the mate of the private key on the server, communication will be impossible.