Chapter 1

Section 1.2

Introducing the HTTPS eWay

About the HTTPS eWay

HTTPS

HTTPS (hypertext transfer protocol over secure socket layer—or HTTP over SSL) is a Web protocol that encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTP uses port 443 instead of HTTP port 80 in its interactions with the lower layer TCP/IP. SSL uses a 40-bit encryption key algorithm, which is considered an adequate level of encryption for commercial exchange.

When an HTTPS request is sent by a browser—usually by clicking a link that begins with https://—the client browser encrypts the request and sends it to the Web server. The acknowledgement sent by the Web server is also sent using encryption, and is decrypted by the client browser.

1.2About the HTTPS eWay

The HTTPS eWay enables eGate Integrator to communicate with client and server applications over the Internet using HTTP, either with or without SSL.

1.2.1HTTP Messages

An HTTP message has two parts: a request and a response. The message header is composed of a header line, header fields, a blank line, and an optional body (or data payload). The response is made up of a header line, header fields, a blank line, and an optional body (or data payload). HTTP is a synchronous protocol, that is, a client makes a request to a server and the server returns the response on the same socket.

1.2.2Web Browser Cookies

A cookie is an HTTP header, which is a key-value pair in the header fields section of an HTTP message.

The Set-Cookieand Cookie headers are used with cookies. The Cookie-requestheader is sent from the server in request for cookies on the client side. An example of a Cookie- request header is:

Set-Cookie: sessauth=44c46a10; expires=Wednesday, 27-Sep-2006 03:59:59 GMT

In this example, the server requests that the client store the following cookie:

sessauth=44c46a10

Everything after the first semi-colon contains additional information about the cookie, such as the expiration date. When the eWay sees this header, it extracts the cookie sessauth=44c46a10 and returns it to the server on subsequent requests. The eWay prepends a cookie header to the HTTP request, for example:

Cookie: sessauth=44c46a10

Each time the eWay sends a request to the same server during a session, the cookie is sent along with the request.

HTTPS eWay Adapter User’s Guide

8

Sun Microsystems, Inc.

Page 8
Image 8
Sun Microsystems 5.1.1 manual About the Https eWay, Http Messages, Web Browser Cookies