11 Replies Latest reply on Mar 2, 2010 8:46 AM by abhishek mhptr

    implementing secured jboss deployment

    abhishek mhptr Newbie
      Hi All,

      I need to make the JBoss environment (running on a Linux machine) secured,
      which would make sure that unwanted data doesn't get deployed in JBoss.

      If anyone tries to deploy some files in JBoss,
      it should ask for a security code or password.

      The whole thing is to make the JBoss environment secured with some
      security code or password.

      Kindly help me out in achieving this.


      Thanks in advance.
        • 1. Re: implementing secured jboss deployment
          Peter Johnson Master

          Here's one way.

           

          Create a new user account, say "jboss". Make that account the owner of the JBOSS_HOME and all of its contents (subdirectories and files), and set the access mode to 600 (or 700 where appropriate). Run the app server under the "jboss" account.

           

          Now only those people who know the password to the "jboss" account can deploy things.

          • 2. Re: implementing secured jboss deployment
            abhishek mhptr Newbie
            Thank you so much for the reply, Peter.

            Your post was absolutely helpful.

            Now I have come across an unusual scenario for deploying a WAR file.
            (This is just a change request. I am sorry if I am driving you people nuts.)

            We have a WAR file which will be given to the client for deploying into the JBoss server.

            If any intruder hacks the WAR in between and changes its content before deploying,
            the broken WAR file shouldn't get deployed.

            Only the genuine WAR file should get deployed in JBoss.

            How can we prevent deploying the broken WAR file?

            How can we make sure to deploy only the genuine WAR file in JBoss?

            Kindly provide your valuable suggestions.

            Thanks in advance.
            • 3. Re: implementing secured jboss deployment
              Peter Johnson Master
              This is why download sites provide MD5 or other checksums for downloaded files - so that the recipient can verify that the file has not been altered. I know of nothing built into JBoss AS that would perform the type of verification you are looking for.
              • 4. Re: implementing secured jboss deployment
                Peter Johnson Master

                A little bit of searching led me to this; perhaps it will do what you need:

                http://java.sun.com/j2se/1.4.2/docs/guide/jar/jar.html#Signed%20JAR%20File


                • 5. Re: implementing secured jboss deployment
                  abhishek mhptr Newbie
                  Thank you so much for the post, Peter. I got a fair idea regarding jarsigner from the link.
                  It was very helpful.

                  I executed the following steps.

                  I signed a WAR file and deployed it in JBoss. It got deployed without any issues.

                  After that I made some changes in the signed WAR file and
                  tried to deploy the updated WAR file in JBoss.

                  While doing that I found the following error:

                  DEPLOYMENTS IN ERROR:
                    Deployment "vfszip:/usr/local/jboss-5.1.0.GA/server/default/deploy/sampleWebApp.war/" is in error due to the following reason(s):
                  java.lang.SecurityException: Invalid signature file digest for Manifest main attributes


                  It means that JBoss validates (verifies) the signature of the WAR file while deploying.

                  Can anyone please tell me how JBoss verifies it?

                  Can we make sure that only a WAR file with a specific signature gets deployed in JBoss?

                  Thanks in advance.

                  • 6. Re: implementing secured jboss deployment
                    Peter Johnson Master

                    "can anyone please tell me how JBOSS verifies it ?"

                    I suspect that it is the JVM that does the verification. When JBoss AS attempts to load the archive, the JVM throws the security exception.

                     

                    "can we make sure that WAR file with specific signature should only get deployed in JBOSS??"

                    You should look at some libraries that provide licensing features. These libraries can lock the app to a specific piece of hardware. I doubt that there is a way to prevent someone from deploying to, say, WLS instead of JBoss AS.

                     

                    If you provide your actual requirements (in other words, what is it that you are really attempting to do, and why you want to do it), then there might be some solution.

                    • 7. Re: implementing secured jboss deployment
                      abhishek mhptr Newbie

                      Thanks again, Peter.

                      The actual requirement is:

                      I am developing a WAR file and adding a signature to it.

                      While deploying, JBoss should verify the signature.

                      If the exact signature is not found, the WAR file should not get deployed.
                      (It should throw some exception.)
                      (Here we are not talking about tampering.)

                      For example, I have a WAR file named sampleWebApp.war with a particular signature.
                      Only the above should get deployed in JBoss.

                      If some other WAR with the same name (sampleWebApp.war) but a different signature is deployed,
                      the deployment should fail with some exception.

                      Kindly suggest how to achieve this.

                       

                      Thanks in advance.

                      • 8. Re: implementing secured jboss deployment
                        Peter Johnson Master
                        These are not requirements, they are implementation details or options. Perhaps I should have asked for the business requirements.
                        • 9. Re: implementing secured jboss deployment
                          abhishek mhptr Newbie
                          Thanks for your timely reply, Peter.

                          The business requirement is (in the form of an example):

                          There is a WAR file developed by ABC company.
                          It's going to be deployed in the JBoss server of XYZ company.

                          Deployment should be successful if the WAR file is identified as a genuine WAR file of ABC company.

                          Otherwise, deployment should fail with an exception.

                          Thanks.
                          • 10. Re: implementing secured jboss deployment
                            Peter Johnson Master

                            Looks like JAR file signing should do it for you.

                            • 11. Re: implementing secured jboss deployment
                              abhishek mhptr Newbie

                              Yeah, jarsigner finds out if the WAR file has been tampered with.

                              But we want to make sure that only the WAR file with a specific signature gets deployed.

                              As the JVM throws the security exception while the WAR file is getting deployed,

                              can we identify how and when the JVM verifies the signature in JBoss?

                              Can we add some code (functionality) while verifying the WAR file,
                              so that only a WAR file with a specific signature gets deployed in JBoss?

                              Kindly bail me out of this issue.

                              Thanks.
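
The question left open in replies 6, 10 and 11 (when the JVM checks a signed archive, and how to accept only one signer) can be handled with a gate that runs before the WAR reaches the deploy directory. The following is an added example, not code from this thread or from JBoss: the class name `PinnedWarGate` and its three command-line arguments are assumptions, and it uses only the standard `java.util.jar` API.

```java
import java.io.InputStream;
import java.nio.file.*;
import java.security.CodeSigner;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.util.*;
import java.util.jar.*;
// Added example (hypothetical class): deploy a WAR only if every entry is signed by one pinned certificate.
public class PinnedWarGate {
    static String sha256Hex(byte[] data) throws Exception {
        StringBuilder sb = new StringBuilder();
        for (byte b : MessageDigest.getInstance("SHA-256").digest(data)) sb.append(String.format("%02x", b));
        return sb.toString();
    }
    // MANIFEST.MF and the signature block files are never covered by their own signature.
    static boolean isSignatureRelated(String name) {
        return name.toUpperCase(Locale.ROOT)
                   .matches("META-INF/(MANIFEST\\.MF|SIG-[^/]*|[^/]+\\.(SF|DSA|RSA|EC))");
    }

    // Throws SecurityException if the archive is tampered with, unsigned, or signed by another key.
    static void verify(Path war, String pinnedSha256) throws Exception {
        try (JarFile jar = new JarFile(war.toFile(), true)) {          // true = verify signatures
            byte[] buf = new byte[8192];
            for (JarEntry e : Collections.list(jar.entries())) {
                if (e.isDirectory() || isSignatureRelated(e.getName())) continue;
                try (InputStream in = jar.getInputStream(e)) {
                    while (in.read(buf) != -1) { }                     // a digest mismatch throws here
                }
                CodeSigner[] signers = e.getCodeSigners();             // populated only after a full read
                if (signers == null) throw new SecurityException("unsigned entry: " + e.getName());
                boolean pinned = false;
                for (CodeSigner s : signers) {
                    Certificate leaf = s.getSignerCertPath().getCertificates().get(0);
                    pinned |= sha256Hex(leaf.getEncoded()).equalsIgnoreCase(pinnedSha256);
                }
                if (!pinned) throw new SecurityException("not signed by pinned cert: " + e.getName());
            }
        }
    }

    // Usage (all three arguments are assumptions): <war> <pinned cert SHA-256 hex> <JBoss deploy dir>
    public static void main(String[] args) throws Exception {
        Path staged = Files.createTempFile("staged-", ".war");         // private copy: no swap after the check
        Files.copy(Paths.get(args[0]), staged, StandardCopyOption.REPLACE_EXISTING);
        verify(staged, args[1].replace(":", ""));
        Path target = Paths.get(args[2]).resolve(Paths.get(args[0]).getFileName());
        Files.move(staged, target, StandardCopyOption.REPLACE_EXISTING);
    }
}
```

The gate pins the signer's certificate by the SHA-256 of its DER encoding and does not check expiry or a CA chain. It only helps if the deploy directory is writable solely by the account that runs it, as in reply 1.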