[jboss-jira] [JBoss JIRA] Created: (JGRP-371) TCP_NIO with SSL

TCP_NIO with SSL ---------------- Key: JGRP-371 URL: http://jira.jboss.com/jira/browse/JGRP-371 Project: JGroups Issue Type: Feature Request Affects Versions: 2.4 Reporter: Bela Ban Assigned To: Bela Ban Fix For: 2.5 Attachments: ssl-nio.jar Attached are the sources to allow a new protocol stack which uses SSL over NIO. This protocol stack element provides security and authentication (using client side authentication) for a JGroups TCP stack using NIO. This required two minor modifications in the ConnectionTableNIO class. These modifications allow one to subclass to create a connection table which uses SSL for the connections. Finally, there is a new protocol stack element, SSL_NIO, which one can add to a stack to make use of it. Regardless of whether this makes it into the codeline of JGroups, it would be nice to have the changes to ConnectionTableNIO make it into the mainline, as I currently have to overwrite the original class to easily implement this - the last thing I want to do is fork ConnectionTableNIO ;) I'd rather just subclass it. The mods are simple and innocuous (marked with "HSH"). Right now, the SSL_NIO needs to be configured with an SSLSocketFactory. I didn't bother with integrating with the normal JGroups mechanism using properties from the configuration because I consider it inherently insecure to ensconce my passwords in configuration files. But the changes to enable this are straight forward. Currently, to configure the factory for the protocol layer, do something like the following before connecting your channel: // Construct your Jchannel JChannel jchannel = ... // Access your protocol stack ProtocolStack protocolStack = jchannel.getProtocolStack(); // Retrieve the SSL_NIO protocol layer SSL_NIO protocol = (SSL_NIO) protocolStack.findProtocol("SSL_NIO"); // Create your SSLSocketFactory SSLSocketFactory socketFactory = .... // Set up the protocol protocol. SetSocketFactory(socketFactory); // Connect your channel jchannel.connnect("my-group"); Cheers. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira