jGuru
Register Email     Password Forgot your
password?
HOME FAQS FORUMS DOWNLOADS ARTICLES PEERSCOPE LEARN

  Search   jGuru Search Help

View:
Security FAQ Home Page

FAQ Manager is guru Govind Seshadri PREMIUM.

The Java architecture is very security concious. From the standard Java Cryptography Architecture (JCA) to the Java Crytography Extension (JCE) and beyond, you can build secure enterprise applications. [FAQ Previously managed by John Mitchell and Lennart Jorelid.]

What's New

What is the ktab tool that comes with the JDK?
Java:API:Security
John Zukowski PREMIUM, Sep 28, 2007
The ktab command-line tool is for Kerberos ticket management. Specifically, it is used to help manage entires in the key table. Solaris users can also...
What is the klist tool that comes with the JDK?
Java:API:Security
John Zukowski PREMIUM, Sep 28, 2007
The klist command-line tool is for Kerberos ticket management. Specifically, it is used to list entries in the credential cache and key table.
I have been trying to find a way not only to get the user certificate info - i.e. Authentication via DigitalID, but also to have a digest of the request, signed by the client (Web Browser Only - not the...
Java:API:Security, Java:API:Servlets:Security
Alex Chaffee PREMIUM, Feb 28, 2002
That's an interesting question. I'm pretty sure the answer is "no," at least not without hacking the server. The request *is* signed by the client, ...

We have a small lightweighted applet which establishes a network connection, sends an http request to some server, and receives a reply in xml format. The sandbox principle does not allow us to connect...
Java:API:Security
Jay Meyer, Jan 30, 2002
No. An applet can never connect to another machine. This is a fundamental "sandbox" issue. As long as you use an applet (and not a full-blown non-applet...
I have a simple JDBC connection to Oracle using Oracle's thin JDBC driver which works great. Now I would like to modify my program so that the data I send to the DB is encrypted. The readme notes...
Java:API:Security
Jay Meyer, Jan 30, 2002
Oracle Technet has all the docs online for free. You will need to register at technet.oracle.com. Here's the link I found. It spells out how to use...
I've got an text password and a string passed to me encrypted with Perl using Blowfish. I am using bouncycastle and cannot figure out how to make a SecretKey and PBEParameterSpec so that I can decrypt...
Java:API:Security
Steve McRoberts, Jan 30, 2002
In case someone else runs into this: Most important Blowfish != Blowfish. There are several methods of creating the initialization vector and handling...
Where can I get a list of good code obfuscators currently available?
Java:API:Security
Alessandro A. Garbagnati PREMIUM, Jan 26, 2002
Here are some good obfuscators currently available: JProof JShrink JReveal CodeShield for Java Condensity Force5 KlassMaster
Need secure date based lisence protection that will allow me to kill execution of a servlet after x days without a new key. I need help building a lisence protection scheme into a servlet that will stop...
Java:API:Security
Eugene Kuleshov PREMIUM, Jan 22, 2002
I've been told that this feature is planned for Saffeine 1.1. It will be enable to protect web applications and their license already have expiration ...
How do I sign a JAR file using jarsigner?
Java:API:Security
Govind Seshadri PREMIUM, Dec 31, 2001
There are many ways by which you can sign a JAR file using jarsigner. One way would be: jarsigner -keystore C:\working\mystore -signedjar sbundle.jar...
What is Kerberos? Can I use it from Java?
Java:API:Security
Govind Seshadri PREMIUM, Dec 31, 2001
Kerberos is a trusted third party network authentication protocol, initially developed as a part of MIT's Project Athena. Kerberos was designed to provide...
Is there a Java API for PGP?
Java:API:Security
Govind Seshadri PREMIUM, Dec 31, 2001
Yes, there is an implementation available which provides methods for accessing PGP 2.3a. It interacts with PGP via JNI. The files generated with this...
We have installed a self-signed certificate for apache mod_ssl and JSSE examples complain about the security chain AND the names not being the same, and give an exception. How can we get around this? A...
Java:API:Security
Eelco Cramer PREMIUM, Dec 26, 2001
I found this solution (with code example) on the javasoft forums.
My domain name is assigned for a specific IP address(normal). Because in the same WebLogic server, in the same Unix box, under the same internal IP address are running 2 applications, if the http address...
Java:API:Security
Patrick Deloulay, Dec 21, 2001
The matching between the certificate and server hostname can be disbaled dynamically by adding this piece of code URL jsseUrl = new URL( "https",...
What signing tool to use if your applet needs to run in Microsoft Browser and netscape Browser?
Java:API:Security
Sandy McPherson, Nov 30, 2001
The following is an excerpt from java.sun.com http://java.sun.com/products/jsse/doc/guide/API_users_guide.html#TestInstall Creating a Certificates...
I am trying to cipher a string and am using weblogic6.0, when i run it as an application the code works, but not when i put it on the application server. Error msg it gives: <Error> <HTTP>...
Java:API:Security
Amol Sant, Nov 30, 2001
The JDK/JRE used by weblogic is different from the one that you use on the command line. Check the security file (java.security) for that JDK...
I've been trying to set up jaas authentication modules on the following : a) ATG b) WLS and c)JRun. WLS has built in JAAS support but the other two do not. Building JAAS auth decreases my work and...
Java:API:Security
Alan Ko, Nov 28, 2001
Here's how to set up JAAS in JRun: 1) Assuming you have a JAAS module just like the one at http://java.sun.com/j2se/1.4/docs/guide/security/jaa...
How can I encrypt XML documents and transmit them to a remote server?
Java:API:Security
Shiva dacherla, Nov 28, 2001
There is a tool from IBM which handles the Encryption/Decryption of XML documents. You can also do the encryption at element level. The name of the tool...
How do I pass an X509 certificate through cascading https servers? Background: I have a servlet running on web server that requires an X509 Certificate. The servlet needs to call several other URL's...
Java:API:Security
Rob Fielding, Nov 28, 2001
You can forward the certificate on to another tier,but the certificate itself doesn't actually do much unless you can challenge the certificate holder...
I need to receive PKCS12 files and obtain X509Certificates from them in order to extract information. How do I do this?
Java:API:Security
Berin Loritsch, Oct 29, 2001
Keytool can read PKCS12 files as generated by Netscape. It will treat them as a keystore. An example would be: keytool -list -rcs -keystore myfile.p12...
I am trying to import a private key generated outside of Java into my keystore with keytool. It seems logical to use the $keytool -import -file my.key -alias foo command, but I get an error...
Java:API:Security
Berin Loritsch, Oct 29, 2001
You can't import PKCS12 files. Period. However, they can be used AS a keystore.
« previous beginning next »


Ask A Question



Related Links

Security Forum

Java Security Home

Java Security Documentation

jGuru.com Fundamentals of Java Security tutorial

The Java Secure Socket Extension (JSSE) with SSL support

Wish List
Features
About jGuru
Contact Us

 




JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
Solutions
Whitepapers and eBooks
IBM eBook: Planning a Service Oriented Architecture
IBM eBook: Choosing the Right Architecture--What It Means for You and Your Business
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Avaya Article: Using Intelligent Presence to Create Smarter Business Applications
Intel Go Parallel Article: Getting Started with TBB on Windows
Microsoft Article: 7.0, Microsoft's Lucky Version?
Avaya Article: How to Feed Data into the Avaya Event Processor
IBM Article: Developing a Software Policy for Your Organization
Microsoft Article: Managing Virtual Machines with Microsoft System Center
Intel Go Parallel Article: Intel Threading Tools and OpenMP
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
HP Video: StorageWorks EVA4400 and Oracle
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
 Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
Red Gate Download: SQL Toolbelt and free High-Performance SQL Code eBook
Iron Speed Designer Application Generator
 MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
Silverlight 2 App and Walkthrough: Leverage Silverlight 2 with SQL Server and XML
IBM Article: Enterprise Search--Do You Know What's Out There?
HP Demo: StorageWorks EVA4400
 Microsoft Article: The Progress and Promise of Deep Zoom
Microsoft How-to Article: Get Going with Silverlight and Windows Live
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES