Security Section Index
What is the klist tool that comes with the JDK?
The klist command-line tool is for Kerberos ticket management. Specifically, it is used to list entries in the credential cache and key table.
Access Denied error in frames.When I try to access a child frame from parent frame I get "Access Denied Error".
Access Denied error in frames
When I try to access a child frame from parent frame I get "Access Denied Error". I know the reason is because I am trying to access the frame in a different domain. I...more
What is Kerberos? Can I use it from Java?
Kerberos is a trusted third party network authentication protocol, initially developed as a part of MIT's Project Athena. Kerberos was designed to provide exceptionally strong authentication using...more
I need to receive PKCS12 files and obtain X509Certificates from them in order to extract information. How do I do this?
Keytool can read PKCS12 files as generated by Netscape. It will treat
them as a keystore. An example would be:
keytool -list -rcs -keystore myfile.p12 -storetype pkcs12 -password foobar
Due to...more
How do I extend permissions to an applet without editing the policy file manually?
A: Short answer: Forget about Java 2 security (i.e. the policy file) when creating applets. No major web browser currently supports that security model. Instead, place the applet in ...more
How is Rijndael, the new, proposed American Encryption Standard, pronounced?
I'm in the group that pronounces it "Rhine-dahl". Some folks pronounce it "reign-dahl". Native Dutch speakers pronounce it correctly. :-)
Which file, in which directory, contains a list of installed Java security providers for Sun's JREs?
They are in the file
$JAVA_HOME/jre/lib/security/java.security. Looks like:
#######################
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.crypto.provider.SunJC...more
How can I create a protected, "restricted" website? I.e., where someone can only access the site by e.g., entering a password.
Normally web servers have their own protection system already in place. If you are running Apache, for example, or anothe NCSA compliant web server, you can rely on the standard basic authenticati...more
Where I can find an implementation of Rijndael encryption for Java?
Check out:
Where can I find free implementations of the Java Cryptography Extension (JCE)?
Specifically, I'd recommend starting with Cryptix.
more
How do I configure JAAS for use with servlets?
There is no need for any special configuration for JAAS to be used with the Tomcat server.
Make the settings as we do to execute an application program, i.e.,
changing the java.security,java.pol...more
Where can I learn (more) about JCA (Java Cryptography Architecture)?
Check out the jGuru Security
FAQ.
Where can I learn (more) about JCA (Java Connector Architecture)?
Check out the Sun's Java
Connector Architecture homepage.
Where can I learn (more) about Java's support for transaction processing?
Check out the jGuru
Transactions FAQ.
Where can I learn (more) about using Java's JNI (Java Native Interface) to interface Java with platform native code?
Check out the jGuru JNI FAQ.
Where can I learn (more) about using JNDI (Java Naming and Directory Interface)?
Check out the jGuru JNDI FAQ.