4 Replies Latest reply on Jan 14, 2005 2:37 PM by tom.elrod

    security - authentication, authorization, encryption

    mazz

      I would like to start a thread on securing both the remoting tranport protocol and authorizing access to remote handlers.

      My initial requirements follow along lines analogous to HTTP/S with BASIC authentication.

      What I mean is, the actual traffic should be encrypted so as to prevent spoofing and hijacking of message requests and responses (having an HTTPS connector would do it - i.e. https://myhost:5555)

      Secondly, I need to be able to authenticate the remote client. For a start, we can just do something as simple as sending over credentials like a username (obviously, not in plain text - sending it over an encrypted channel would be needed). The server-side connector would then authenticate those credentials and see if the client is authorized to send requests to the handler that is to be invoked. Upon a denial, a security exception should be sent back to the client.

      As an aside, those client credentials should be made available to the handler (even though at this point, it would have meant the authorization passed). My handler may want to perform additional, more fine-grained, security checks.

        • 1. Re: security - authentication, authorization, encryption

          The encryption can be performed in one of two ways. The first is to add an interceptor before the remoting or within the data marshaller implementation (I need to make the second a little easier to do). The other is to have a SSL transport (i.e. https).

          I don't want to have authentication be part of the core remoting. When being used within an ejb call, this is already takend care of as is an interceptor before and after remoting (the payload just contains the security information). However, using remoting stand alone, want to be able to provide a way to do this. Also, when dynamic classloading is added back in, will then have to make remoting aware of authentication (at least indirectly).

          As for timeframe, https invoker is a little ways out as am just starting on the http invoker implementation. A simple encryption marshaller would be fairly simple to write, if need something soon. What is your timeframe for needing this? Don't guess you would have extra cycles to help on this?

          • 2. Re: security - authentication, authorization, encryption
            starksm64

            Yes, security should be an aspect integrated via an interceptor. There are areas where the transport details do matter for security. One is when security depends on the client endpoint. Another is when you need feedback from the transport on the security context. SSL and IIOP both have such notions.

            • 3. Re: security - authentication, authorization, encryption
              mazz

              Something to consider integrating with JBoss/Remoting for security:

              http://www.jcraft.com/jsch/index.html

              I just took a quick look at it - seems to be a Java implementation of SSH2 - so data encryption and authentication can be handled. They say its a pure Java implementation, so no native stuff.

              • 4. Re: security - authentication, authorization, encryption

                Cool. I have created a feature request for this in jira (http://jira.jboss.com/jira/browse/JBREM-38). At first glance, the jcraft implementation looks nice.