I'll add support for externalizing the RMI socket factories so that you
can use that approach. A future version of the jnp provider will allow
for secured access based on Java2 permissions.
----- Original Message -----
From: "Sampsa Ranta" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, May 27, 2001 5:51 PM
Subject: [JBoss-user] Security in JBoss
>
> Hello,
>
> I am just trying to become familiar with the JBoss architecture and what
> I am using. I accidentally browsed the code carefully from the org.jnp
> naming tree. The jnp documentation explained that a single JNP server is
> enough for a network. Yes, and it seems to very willfully give a
> Marshalled reference to itself with having nice interface on all basic
> low level naming functionality.
>
> I would like to run production server on JBoss on Internet without
> firewall, but I would not like anyone to unbind or rebind everything
> from my RMI / JNDI registry. As I read the code a bit I found very little
> indications in the code why this would not be possible.
>
> As I said don't like the firewall option overall. In past projects I've
> been securing RMI by using custom socket factories and doing check in
> accept(), but for JNP this option was not an enabled possibility unless
> defining own RMISocketFactory as default so the MarshallObject
> would use it.
>
> Is there a way to secure the JBoss somehow?
>
> Thanks,
> Sampsa Ranta
> Network Administrator
>
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
>
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
