URGENT : Security Providers and EJB
0 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   bharani_iyer
Posted On:   Thursday, November 8, 2001 04:23 AM

Hi , I have a Session Bean X which is deployed on WAS 4.0. This bean in turn instantiates a java class Y which is responsible for performing a Cert Verification of the input document which is signed, through OCSP or CRL. In order to achieve this functionality, the "security policy" of the AppServer includes Baltimore & IAIK toolkits in addition to Sun in the following order of priority : 1. SUN 2. IAIK 3. JCRYPTO "The Appserver does not allow us to add/remove/modify existing security providers dynamically inside the code." This is one of the restrictions imposed by the    More>>

Hi ,

I have a Session Bean X which is deployed on WAS 4.0.

This bean in turn instantiates a java class Y which is responsible for
performing a Cert Verification of the input document which is signed,
through OCSP or CRL.

In order to achieve this functionality, the "security policy" of the
AppServer includes Baltimore & IAIK toolkits in addition to Sun in the
following order of priority :



1. SUN


2. IAIK


3. JCRYPTO

"The Appserver does not allow us to add/remove/modify existing security
providers dynamically inside the code."
This is one of the restrictions
imposed by the Specifications !!

While doing a OCSP cert check, the application crashes out everytime because the CertLoader loads up the "sun.security.x509.X509CertImpl" and the baltimore toolkit that we are using for OCSP would never accept it.

We end up with a casting exception!

We tried to change the order of priority in the security policy by
pulling out Sun altogether.
But the AppServer would not start without
the Sun provider at launch time!

Is there anyway we can fix this problem ???



Secondly, is there someway at all by which we can "dynamically choose security providers" in components deployed on an App Server environment.





Thanks in advance,

Bharani.

   <<Less
About | Sitemap | Contact