[JBoss-user] [Security JAAS/JBoss] - Re: Exception: RMI/SSL
I could never get two RMI invokers working at the same time. No matter what I did the communication would always use the default RMI invoker. So what I did was change the default RMI invoker to use the RMISSL sockets. Here is a snippet from my jboss-service.xml file. btw I'm useing v3.2.3. !-- The SSL domain setup -- | mbean code=org.jboss.security.plugins.JaasSecurityDomain | name=jboss.security:service=JaasSecurityDomain,domain=RMI+SSL | | constructor |arg type=java.lang.String value=RMI+SSL/ | /constructor | | attribute name=KeyStoreURLserver.keystore/attribute | attribute name=KeyStorePasspassword/attribute | /mbean | |!-- RMI/JRMP invoker -- |mbean code=org.jboss.invocation.jrmp.server.JRMPInvoker | name=jboss:service=invoker,type=jrmp | | attribute name=RMIObjectPort8443/attribute | | attribute name=RMIClientSocketFactory |org.jboss.security.ssl.RMISSLClientSocketFactory | /attribute | | attribute name=RMIServerSocketFactory |org.jboss.security.ssl.RMISSLServerSocketFactory | /attribute | | attribute name=SecurityDomainjava:/jaas/RMI+SSL/attribute | | dependsjboss:service=TransactionManager/depends | | /mbean | View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3843738#3843738 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3843738 --- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: JBoss Kerberos
Thanks for your help I can't tell you much it has helped so far. Unfortunately, I have run into another problem. I would like to create custom RMI server and client socket factories that encrypt and decrypt the entire RMI message using the SRP SecretKey created during login. On the client I am able to get the SecretKey from the Subject and create encryption/decryption Ciphers based on the SecretKey. The problem is on the server. How do I get the Subject for the client that is connecting to the server? I tried to do this after the socket accept but it returned null: Subject subject = SecurityAssociation.getSubject(); How does the RMIServerSocket retrieve the apprioprate Subject so the server side socket can access a SecretKey that matches the clients so it can setup ciphers for input and output communication? I am using v3.2.3, with the service code from chap8 ex to perform the login. Thanks for all your help. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3843684#3843684 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3843684 --- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Installation Configuration] - Re: Failures in the 3.2.4 distribution
hbaxmann wrote : I have the following 5 anticipated failures in my single node install: | | ... | | 4.) | | Name Tests Errors Failures Time(s) | SRPUnitTestCase 2 0 1 1.121 | | Tests | Name Status Type Time(s) | testEchoArgs Failure Call to echo failed: ECB mode cannot use IV | | junit.framework.AssertionFailedError: Call to echo failed: ECB mode cannot use IV | at org.jboss.test.security.test.SRPUnitTestCase.testEchoArgs(SRPUnitTestCase.java:93) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at junit.extensions.TestDecorator.basicRun(TestDecorator.java:22) | at junit.extensions.TestSetup$1.protect(TestSetup.java:19) | at junit.extensions.TestSetup.run(TestSetup.java:23) | 0.791 | | ... | | bax I have the same problem in v3.2.3, is there a solution to this? Is it fixed in later versions of JBoss? I looked for it in the change logs but didn't see it mentioned. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3843409#3843409 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3843409 --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - JBoss Kerberos
I have been researching how to provide secure communication between a application client using RMI and a JBoss server. I was able to get RMI over SSL to work but my company would prefer to use Kerberos. I have found little to no documentation on JBoss and kerberos. Does JBoss support it? If so, can you point me to some documentation or describe to me how to integrate it with JBoss? Also, I have done some reading about SRP. Is this the JBoss preferred way to provide secure communication? Any help with this would be great. Thanks for your time. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3843107#3843107 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3843107 --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: JBoss Kerberos
I have tried out SRP example ex3 in chapter 8 of the Admin Development guide v3.2.3. This example shows how to performs authentication using SRP but the RMI data is still transferred without encryption. In order to add the encryption part I believe that I would have to create Custom RMIServerFactorys to that use an SRP session key to encrypt/decrypt the RMI data between the client and server. If this is correct, how do I get the SRP session key on both ends (client/server)? View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3843111#3843111 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3843111 --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: JBoss Kerberos
RMIServerFactorys above should be RMISocketFactory. Sorry for the typo. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3843112#3843112 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3843112 --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Secure Communication Methods
The problem was a incorrectly created keystore. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3842734#3842734 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3842734 --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Secure Communication Methods
I believe RMI over SSL is the ketwords I was missing. Does anyone have sample code for a client application. I am getting this error. [java] Created LoginContext [java] getDatabase() - Caught an exception. [java] java.rmi.ConnectIOException: Exception creating connection to: 192.168.40.43; nested exception is: [java] java.net.SocketException: Default SSL context init failed: null [java] at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:580) [java] at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:185) [java] at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:171) [java] at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:101) [java] at org.jboss.invocation.jrmp.server.JRMPInvoker_Stub.invoke(Unknown Source) [java] at org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:135) [java] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:96) [java] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46) [java] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45) [java] at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173) [java] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85) [java] at $Proxy0.create(Unknown Source) [java] at com.oasis.timecard.client.TimecardClient.getDatabase(Unknown Source) [java] at com.oasis.timecard.client.TimecardClient.main(Unknown Source) [java] Caused by: java.net.SocketException: Default SSL context init failed: null [java] at javax.net.ssl.DefaultSSLSocketFactory.createSocket(DashoA6275) [java] at org.jboss.security.ssl.RMISSLClientSocketFactory.createSocket(RMISSLClientSocketFactory.java:46) [java] at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:562) [java] ... 13 more View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3841890#3841890 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3841890 --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Secure Communication Methods
I am new to J2EE and JBoss. I have been able to build an client application that uses RMI and JAAS to interact with a JBoss server. I need to secure the data being passed between the client and server (important customer data) but haven't been able to find a good example on how to do this. I feel like I am overlooking something. Can someone provide me with the options and what they consider the best practice for JBoss secure communications? Can someone point me to some tutorials/examples of how to send encrypted data between a client (not a webpage) and JBoss server using RMI? Any help on this matter would be greatly appreciated, thanks. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3841789#3841789 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3841789 --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [JBoss Getting Started Documentation] - Run app-client.jar from command line without ANT
How do I run the application client (app-client.jar) from the command line without ANT? It runs fine using the ANT command mentioned in the tutorial. I want to know exact what needs to be installed on the client machine in order to connect to the server to run. Things I have tried: I unpacked the app-client.jar file and added its main class to the manifest. I then ran: java -jar app-client.jar The GUI displays but doesnt work and I get the following output: Exception in thread main java.lang.NoClassDefFoundError: com/sun/ebank/ejb/customer/CustomerControllerHome | at com.sun.ebank.appclient.EventHandle.init(Unknown Source) | at com.sun.ebank.appclient.BankAdmin.main(Unknown Source) I have also tried using the appclient executable that comes with the J2EE distrubtion to run the client and also had no luck. Am I missing something? Any help would be great as I am having trouble finding documentation outside of the J2EE tutorial and the JBOSS getting started tutorial. If you have any good documetion sources that would be great too. Thanks. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3834687#3834687 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3834687 --- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
