The Droplets Platform allows you to secure your applications using HTTPS when using an IIS Web server. Droplets uses Windows' native support for HTTPS communication, and thereby inherits the Internet and proxy configuration used by the entire system.

Development

For the developer, writing a secured Droplet is simple. Go to your Droplet's application factory file and override the getRequiresSecureConnection() from ApplicationFactoryDefaults to return true:

Deployment

When you install the Droplets UI Server for Windows, an IIS directory is created called "SecureDropletSupport", which contains a Droplets HTTP Tunnel for communication via HTTPS. You must therefore secure the SecureDropletSupport directory as you would any other secure directory, associating an X.509 certificate with it and enabling it to speak HTTPS.

Known Limitations

1. Transmission of image files that you include in your Droplets are not secured. You should therefore not include any sensitive data within an image or a graph.
   
   
2. Client-side files which are transmitted via the Droplet using the Droplets Open and Save dialogs are not secured.
   
   
3. When serving the Droplet as an applet, the actual downloading of the applet ZIP file (dropletclient.zip and sometimes droplet-components.zip) is not secure. However, all communication that takes place within the applet once it is downloaded is fully secure.