Elijah Menifee wrote:
I myself have started to play with NIO for prototyping a replacement server
system for my company's software. While doing research on how to obtain
SSL/TLS connections on top of the NIO framework
<snip>
Haven't looked into it enough yet as I'm working on the jtreg tests,
time permitting, my plan was to implement the SSL/TLS handshake using
the SSLEngine API, creating SSLServerSocketChannel and SSLSocketChannel
classes and using byte buffers for IO, id did look like lots of work!
But if someone already implemented something to make life easier & it
works, lets use that. Iain suggested Apache Mina, as it uses the Apache
License, looks interesting, reportedly easy to use and quite fast too,
hmm even has a jzlib compression filter, that can be switched off and on
dynamically, good for bandwidth limited networks, not sure if filter is
the right terminology though as filters generally remove something,
translator might have conveyed better meaning; ). Mina 1.1 is the one
to use for Java 5 or later or Mina 1 for Java 1.4 I wonder if this
would provide the opportunity to remove some existing code in River to
streamline it a bit. Thoughts anyone?
Apache Triplesec, depends on Mina too, I want to look into Triplesec to
see if that could prove useful too, later down the track.
While on the topic of Security, I recall Jim Waldo in one of his
interviews/ talks, wondering if Security has been "done right" in Jini
(River), I think he was referring to the leaving of security as a
concern for administrators (pls correct me if I'm wrong) and suggesting
programmers needing to think more about security. I personally like the
way Security is handled by proxy's, so I think that what Jim was
referring to, was perhaps the default (out of the box) settings for
security and the configurability of Security. Security is difficult,
how can we make it easier?
Your thoughts?
Cheers,
Peter.
