[jboss-jira] [JBoss JIRA] Resolved: (JGRP-371) TCP_NIO with SSL

Bela Ban (JIRA) jira-events at lists.jboss.org
Mon Mar 19 10:25:34 EDT 2007 

     [ http://jira.jboss.com/jira/browse/JGRP-371?page=all ]

Bela Ban resolved JGRP-371.
---------------------------

    Resolution: Deferred

Will probably be done in 2.6 (http://jira.jboss.com/jira/browse/JGRP-442)

> TCP_NIO with SSL
> ----------------
>
>                 Key: JGRP-371
>                 URL: http://jira.jboss.com/jira/browse/JGRP-371
>             Project: JGroups
>          Issue Type: Feature Request
>    Affects Versions: 2.4
>            Reporter: Bela Ban
>         Assigned To: Scott Marlow
>            Priority: Critical
>             Fix For: 2.5
>
>         Attachments: ssl-nio.jar
>
>
> From Hal Hildebrand:
> Attached are the sources to allow a new protocol stack which uses SSL over
> NIO.  This protocol stack element provides security and authentication
> (using client side authentication) for a JGroups TCP stack using NIO.
> This required two minor modifications in the ConnectionTableNIO class.
> These modifications allow one to subclass to create a connection table which
> uses SSL for the connections.  Finally, there is a new protocol stack
> element, SSL_NIO, which one can add to a stack to make use of it.
> Regardless of whether this makes it into the codeline of JGroups, it would
> be nice to have the changes to ConnectionTableNIO make it into the mainline,
> as I currently have to overwrite the original class to easily implement this
> - the last thing I want to do is fork ConnectionTableNIO ;)  I'd rather just
> subclass it.  The mods are simple and innocuous (marked with "HSH").
> Right now, the SSL_NIO needs to be configured with an SSLSocketFactory.  I
> didn't bother with integrating with the normal JGroups mechanism using
> properties from the configuration because I consider it inherently insecure
> to ensconce my passwords in configuration files.  But the changes to enable
> this are straight forward.  Currently, to configure the factory for the
> protocol layer, do something like the following before connecting your
> channel:
>     // Construct your Jchannel
>     JChannel jchannel = ...
>     //  Access your protocol stack
>     ProtocolStack protocolStack = jchannel.getProtocolStack();
>     // Retrieve the SSL_NIO protocol layer
>     SSL_NIO protocol = (SSL_NIO) protocolStack.findProtocol("SSL_NIO");
>     
>     // Create your SSLSocketFactory
>     SSLSocketFactory socketFactory = ....
>     // Set up the protocol
>     protocol. SetSocketFactory(socketFactory);
>     // Connect your channel
>     jchannel.connnect("my-group");
> Cheers.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list