[jboss-jira] [JBoss JIRA] (JGRP-371) TCP_NIO with SSL

Scott Marlow (JIRA) jira-events at lists.jboss.org
Mon Aug 6 16:18:07 EDT 2012 

     [ https://issues.jboss.org/browse/JGRP-371?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Scott Marlow reassigned JGRP-371:
---------------------------------

    Assignee: Scott Marlow  (was: Scott Marlow (Novell))

    
> TCP_NIO with SSL
> ----------------
>
>                 Key: JGRP-371
>                 URL: https://issues.jboss.org/browse/JGRP-371
>             Project: JGroups
>          Issue Type: Feature Request
>    Affects Versions: 2.4
>            Reporter: Bela Ban
>            Assignee: Scott Marlow
>             Fix For: 2.5
>
>         Attachments: ssl-nio.jar
>
>
> From Hal Hildebrand:
> Attached are the sources to allow a new protocol stack which uses SSL over
> NIO.  This protocol stack element provides security and authentication
> (using client side authentication) for a JGroups TCP stack using NIO.
> This required two minor modifications in the ConnectionTableNIO class.
> These modifications allow one to subclass to create a connection table which
> uses SSL for the connections.  Finally, there is a new protocol stack
> element, SSL_NIO, which one can add to a stack to make use of it.
> Regardless of whether this makes it into the codeline of JGroups, it would
> be nice to have the changes to ConnectionTableNIO make it into the mainline,
> as I currently have to overwrite the original class to easily implement this
> - the last thing I want to do is fork ConnectionTableNIO ;)  I'd rather just
> subclass it.  The mods are simple and innocuous (marked with "HSH").
> Right now, the SSL_NIO needs to be configured with an SSLSocketFactory.  I
> didn't bother with integrating with the normal JGroups mechanism using
> properties from the configuration because I consider it inherently insecure
> to ensconce my passwords in configuration files.  But the changes to enable
> this are straight forward.  Currently, to configure the factory for the
> protocol layer, do something like the following before connecting your
> channel:
>     // Construct your Jchannel
>     JChannel jchannel = ...
>     //  Access your protocol stack
>     ProtocolStack protocolStack = jchannel.getProtocolStack();
>     // Retrieve the SSL_NIO protocol layer
>     SSL_NIO protocol = (SSL_NIO) protocolStack.findProtocol("SSL_NIO");
>     
>     // Create your SSLSocketFactory
>     SSLSocketFactory socketFactory = ....
>     // Set up the protocol
>     protocol. SetSocketFactory(socketFactory);
>     // Connect your channel
>     jchannel.connnect("my-group");
> Cheers.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list