Hi, gentlemen.
I am trying to use HTTPMD URLs for verification of proxy integrity.
I've followed the steps described below:
1. calculate the hash for the .dl jar file to be downloaded by client;
2. put the HTTPMD URL on service codebase;
3. start reggie, service and client using the appropriate URL
handler by setting up a system property as follows:
System.setProperty("java.protocol.handler.pkgs","net.jini.url");
4. request the client to verify the downloaded proxy.
Server and client are using SSL, but an exception was thrown when
client is trying to verify proxy:
--> preparing proxy...java.lang.SecurityException: object is not
trusted:
Proxy[AbstractConfiguration,BasicInvocationHandler[BasicObjectEndpoint[37aca81b-09d7-46d6-a57a-7b4aa0c5433c,SslEndpoint[172.17.4.25:39055]]]]
at net.jini.security.Security.verifyObjectTrust(Unknown Source)
at net.jini.security.BasicProxyPreparer.verify(Unknown Source)
at net.jini.security.BasicProxyPreparer.prepareProxy(Unknown Source)
at
client.AbstractConfigurationClient.discovered(AbstractConfigurationClient.java:135)
at net.jini.discovery.LookupDiscovery$Notifier$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at net.jini.discovery.LookupDiscovery$Notifier.run(Unknown Source)
I've read a tutorial that explains: "If you forget to include
jsk-platform.jar in the client's classpath, then it won't be able to
find the standard verifiers and won't be able to verify any proxies.
The client will throw a SecurityException". I've put that file
(jsk-platform) on client's classpath, leading me to this question: Is
not the proxy verifier classes located on jsk-platform.jar file
anymore?
Best regards to all.
Helcio.
