[jboss-jira] [JBoss JIRA] Created: (JGRP-371) TCP_NIO with SSL

Bela Ban (JIRA) jira-events at jboss.com
Mon Dec 4 11:39:55 EST 2006 

TCP_NIO with SSL
----------------

                 Key: JGRP-371
                 URL: http://jira.jboss.com/jira/browse/JGRP-371
             Project: JGroups
          Issue Type: Feature Request
    Affects Versions: 2.4
            Reporter: Bela Ban
         Assigned To: Bela Ban
             Fix For: 2.5
         Attachments: ssl-nio.jar

>From Hal Hildebrand:
Attached are the sources to allow a new protocol stack which uses SSL over
NIO.  This protocol stack element provides security and authentication
(using client side authentication) for a JGroups TCP stack using NIO.

This required two minor modifications in the ConnectionTableNIO class.
These modifications allow one to subclass to create a connection table which
uses SSL for the connections.  Finally, there is a new protocol stack
element, SSL_NIO, which one can add to a stack to make use of it.

Regardless of whether this makes it into the codeline of JGroups, it would
be nice to have the changes to ConnectionTableNIO make it into the mainline,
as I currently have to overwrite the original class to easily implement this
- the last thing I want to do is fork ConnectionTableNIO ;)  I'd rather just
subclass it.  The mods are simple and innocuous (marked with "HSH").

Right now, the SSL_NIO needs to be configured with an SSLSocketFactory.  I
didn't bother with integrating with the normal JGroups mechanism using
properties from the configuration because I consider it inherently insecure
to ensconce my passwords in configuration files.  But the changes to enable
this are straight forward.  Currently, to configure the factory for the
protocol layer, do something like the following before connecting your
channel:


    // Construct your Jchannel
    JChannel jchannel = ...

    //  Access your protocol stack
    ProtocolStack protocolStack = jchannel.getProtocolStack();

    // Retrieve the SSL_NIO protocol layer
    SSL_NIO protocol = (SSL_NIO) protocolStack.findProtocol("SSL_NIO");
    
    // Create your SSLSocketFactory
    SSLSocketFactory socketFactory = ....

    // Set up the protocol
    protocol. SetSocketFactory(socketFactory);

    // Connect your channel
    jchannel.connnect("my-group");

Cheers.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list