2 Replies Latest reply on Jul 20, 2004 11:48 AM by Roger Smith

    Secure Communication Methods

    Roger Smith Newbie

      I am new to J2EE and JBoss. I have been able to build an client application that uses RMI and JAAS to interact with a JBoss server. I need to secure the data being passed between the client and server (important customer data) but haven't been able to find a good example on how to do this. I feel like I am overlooking something.

      Can someone provide me with the options and what they consider "the best practice" for JBoss secure communications?

      Can someone point me to some tutorials/examples of how to send encrypted data between a client (not a webpage) and JBoss server using RMI?

      Any help on this matter would be greatly appreciated, thanks.

        • 1. Re: Secure Communication Methods
          Roger Smith Newbie

          I believe "RMI over SSL" is the ketwords I was missing. Does anyone have sample code for a client application. I am getting this error.

          [java] Created LoginContext
          [java] getDatabase() - Caught an exception.
          [java] java.rmi.ConnectIOException: Exception creating connection to: 192.168.40.43; nested exception is:
          [java] java.net.SocketException: Default SSL context init failed: null
          [java] at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:580)
          [java] at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:185)
          [java] at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:171)
          [java] at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:101)
          [java] at org.jboss.invocation.jrmp.server.JRMPInvoker_Stub.invoke(Unknown Source)
          [java] at org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:135)
          [java] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:96)
          [java] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
          [java] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45)
          [java] at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
          [java] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
          [java] at $Proxy0.create(Unknown Source)
          [java] at com.oasis.timecard.client.TimecardClient.getDatabase(Unknown Source)
          [java] at com.oasis.timecard.client.TimecardClient.main(Unknown Source)
          [java] Caused by: java.net.SocketException: Default SSL context init failed: null
          [java] at javax.net.ssl.DefaultSSLSocketFactory.createSocket(DashoA6275)
          [java] at org.jboss.security.ssl.RMISSLClientSocketFactory.createSocket(RMISSLClientSocketFactory.java:46)
          [java] at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:562)
          [java] ... 13 more

          • 2. Re: Secure Communication Methods
            Roger Smith Newbie

            The problem was a incorrectly created keystore.