Security Section Index | Page 7
Which servlet engines support HTTPS (SSL) connections?
Most Servlet Engines should support HTTPS (SSL) Connections if they are used as a plug-in to common HTTP servers such as Netscape, IIS and Apache. The reason for this is that the Web Server will p...more
How can I get the current user and password under MS Windows?
To do that I used an ASP page that calls a DLL which use a standard MS Windows API to get user/pass. Then the ASP page post those info to the JSP by http.
Without passing thru a Win API I think it...more
Are there any JNDI service providers which support Micrsoft's Windows security/authentication services?
Microsoft's sytsems can be broken down into 5 discrete areas:
Messaging -- Exchange has a quite capable LDAP interface
NT Domains -- There's no way to get access to NT domains from JNDI currently...more
What is the policy file and how exactly does this work?
For example, a browser's JVM does not allow an applet to access the local machine resources because they run under the scrutiny of a security manager. But still permission to access the client's ...more
How does the security manager interact with the classloaders?
In JDK 1.1, the security manager checks the classloader of the currently executing method to determine where the code came from. This determines what privilleges it should have.
In JDK 1.2 and la...more
Are there any Java implementations of the SSH v2 protocol?
See
MindTerm v1.99 from MindBright.
How do I connect to an IMAP server over an SSL connection?
This really isn't documented even in Sun's unsupported com.sun.mail.* packages, now, is it?
Fortunately,you can figure it out by reading the source code for JavaMail. It turns out that Sun's Jav...more
Where can I find the documentation for the .jar manifest file?
The
manifest file is documented as part of the
Jar File Definition.more
It seems that you need to use a signed script if you wish to unconditionally close a browser window using the window.close() method. Netscape offers their "signtool" utility for signing scripts, but I'm using Internet Explorer (and I don't want to install Netscape). How can I create a signed script, given these circumstances? Alternatively, is there another way of closing a window that doesn't require a signed script?
Just as Netscape provides a tool for signing code, IE provides one, too.
Refer the following Dr. Dobbs article for further references.
http://www.ddj.com/articles/1999/9902/9902h/9902h.htm
Well y...more
Are there any JDBC drivers available that support using SSL to communicate between the Java program and the database server?
For Oracle, the JDBC-OCI driver can
use SSL with native threads, but not with green threads. The JDBC-Thin driver cannot use SSL, but can use ANO
encryption instead.
JDataConnect provides a ...more
Where do I find the com.ms.security.* classes, so I can sign my code for use in IE?
Microsoft's security classes are found with the other classes that come with the Microsoft VM. Where they are and what you need to add to your CLASSPATH depends upon what version of Windows you ha...more
Are there any mailing lists covering XML encryption?
Yes, check out the W3C's
XML Encryption mailing list.
What is OpenPGP?
OpenPGP is an IETF
specification for a standard, completely open
PGP (Pretty Good Privacy).
OpenPGP is defined in
RFC 2440 as providing "data integrity services for messages and data
files&...more
What is SASL (Simple Authentication and Security Layer)?
SASL is the Simple Authentication and Security Layer
which is specified in
RFC 2222. SASL is a way to add authentication support to
connection-based protocols (such as SMTP, LDAP, POP, IMAP).
more
What OpenPGP solutions are available?
Commercially: Network Associate's PGP Security
Free for non-commercial use:
PGP Freeware
Free:
GNU Privacy Guard (gnupg)
Cryptix OpenPGP
more
