[jboss-jira] [JBoss JIRA] Created: (JGRP-372) TCP with SSL

Bela Ban (JIRA) jira-events at jboss.com
Mon Dec 4 11:43:55 EST 2006 

TCP with SSL
------------

                 Key: JGRP-372
                 URL: http://jira.jboss.com/jira/browse/JGRP-372
             Project: JGroups
          Issue Type: Feature Request
    Affects Versions: 2.4
            Reporter: Bela Ban
         Assigned To: Bela Ban
             Fix For: 2.4.1
         Attachments: tcp_ssl.jar

>From Hal Hildebrand:
Here's the straight TCP version, as I am still working on the handshake
implementation for the TCP_NIO_SSL protocol.  This protocol stack element
provides security and authentication (using client side authentication) for
a JGroups TCP stack.

Like the NIO version, this required four minor modifications in the
ConnectionTable class.  These modifications allow one to subclass to create
a connection table which uses SSL for the connections.  Finally, there is a
new protocol stack element, TCP_SSL, which one can add to a stack to make
use of it.

As with my previous request, it would be nice to have the changes to
ConnectionTable make it into the mainline, as I currently have to overwrite
the original class to easily implement this.  The mods are simple and
innocuous (marked with "HSH").

Right now, the TCP_SSL needs to be configured with an SSLContext.  I didn't
bother with integrating with the normal JGroups mechanism using properties
from the configuration because I consider it inherently insecure to ensconce
my passwords in configuration files, but the changes to enable this are
straight forward.  Currently, to configure the factory for the protocol
layer, do something like the following before connecting your channel:


    // Construct your Jchannel
    JChannel jchannel = ...

    //  Access your protocol stack
    ProtocolStack protocolStack = jchannel.getProtocolStack();

    // Retrieve the TCP_SSL protocol layer
    TCP_SSL protocol = (TCP_SSL) protocolStack.findProtocol("TCP_SSL");
    
    // Create your SSLContext
    SSLContext sslContext = ....

    // Set up the protocol
    protocol.setSslContext(sslContext);

    // Connect your channel
    jchannel.connnect("my-group");

Cheers.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list