-
1. Re: ssl encrypted rmi/ejb still sending unencrypted data?
mathias Jun 14, 2006 5:48 AM (in response to mathias)To clarify, what happens is that when the EJB call is made (look up home and remote interface, call the method), using the Login/InitialContext, on the network the communication first takes place on the "normal" rmi port (1098). This is where you can see some cleartext information such as class names and such.
The communication is then moved to the secure port (14445) and at that point it is ssl encrypted of course.
So, is there some way to ensure that *all* communication takes place over SSL port, or is this simply how it works?? -
2. Re: ssl encrypted rmi/ejb still sending unencrypted data?
mathias Jun 15, 2006 1:30 AM (in response to mathias)Oh maaan, is there noone with some input here?
-
3. Re: ssl encrypted rmi/ejb still sending unencrypted data?
mathias Jun 15, 2006 2:29 AM (in response to mathias)Hmm, I've done some more thinking and I might have a theory.
In the client, I do an InitialContext, using the normal jndi port (1099) to look up home interfaces for the beans.
I haven't configured anything special for the JNDI service, so that would probably mean that that information is sent unencrypted, but then the securitydomain of the EJB's kick in and the usage of the beans is encrypted.
I sure would like some confirmation, and if someone has any pointer about how to, in that case, configure the jndi remote service, I'd be a happy camper. -
4. Re: ssl encrypted rmi/ejb still sending unencrypted data?
starksm64 Jun 15, 2006 10:55 AM (in response to mathias)Yes, jndi must also be setup to use ssl if you want its data encrypted.
-
5. Re: ssl encrypted rmi/ejb still sending unencrypted data?
mathias Jun 16, 2006 5:37 AM (in response to mathias)Thanks scott, as i thought then. But it still means that the logincontext's usr/pwd is sent encrypted right? I mean, they are not passed when the initialcontext is looked up? Reason i think so is because i could see them before setting up SSL for the EJB's, but not after...
-
6. Re: ssl encrypted rmi/ejb still sending unencrypted data?
mathias Jun 20, 2006 3:04 AM (in response to mathias)hey Scott or anyone, can someone please agree with me.... :)
Also, is there a good guide somewhere on securing JNDI in JBOSS?