Section Number and Name:
9.4.2. Accessing JNDI over HTTPS
Describe the issue:
Numerous issues, as this entire section was obviously copied verbatim from
(quite lacking) .org docs, with absoutely no proofreading.
- "The details of this are covered in the Integrating Servlet Containers for Tomcat."
There is no such section or document.
- "We will provide an SSL connector configuration for the example, so unless you are interested in the details of the SSL connector setup, the example is self contained."
No SSL configuration is provided.
There is no self-contained example provided.
- "Line 18 of the ExClient code demonstrates how this is done."
- "Lines 24-25 of the ExClient code specify an HTTP/SSL connection to the localhost on port 8443."
The listed example does not even have 24 lines.
- "The validation of the HTTPS URL hostname against the server certificate must be disabled."
SSL hostname checking should never be disabled.
If this is required, it's because of a configuration error in the SSL certificate. The SSL certificate should be corrected instead.
- "We are using a self-signed server certificate that uses a common name of "Chapter 8 SSL Example" rather than a particular hostname, and this is likely to be common in development environments or intranets."
No example certificate is provided.
This is not likely to be common -- that's a misconfiguration.
- "package org.jboss.chap3.ex1;"
This is chapter 9 of the EAP docs.
Not chapter 3 of the org docs this was copied from.
- "import java.security.Security;"
- "To test the client, first build the chapter 3 example to create the chap3 configuration fileset.
[examples]$ ant -Dchap=naming config"
This is not chapter 3.
No ready-to-build example is provided
- "Next, start the server using the naming configuration fileset:
[bin]$ sh run.sh -c naming"
No ready to run configuration is provided.
- "And finally, run the ExClient using:
[examples]$ ant -Dchap=naming -Dex=1 run-example"
- No mention of changes in http*-invoker.sar/invoker.war/WEB-INF/web.xml.
Half the necessary configuration changes are just completely left out!
Suggestions for improvement:
This section needs *completely* rewritten, or removed.
As is, it is more confusing than useful.