axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From 島村 竜一 <bs-rshimam...@bs.core.nttdata.co.jp>
Subject RE: ssl connections
Date Wed, 11 Sep 2002 09:50:01 GMT

thankyou for anser

but this is not working tomcat4.04

Look for other methods.

thank you for Stocker

shimamura


-----Original Message-----
From: Stocker, Walter [mailto:Walter.Stocker@t-systems.com]
Sent: Wednesday, September 11, 2002 5:58 PM
To: axis-user@xml.apache.org
Subject: AW: ssl connections


Hi,

> 
> security.provider.1=sun.security.provider.Sun
> security.provider.2=com.sun.net.ssl.internal.ssl.Provider
> security.provider.3=com.sun.rsajca.Provider
> security.provider.4=com.sun.crypto.provider.SunJCE
> security.provider.5=sun.security.jgss.SunProvider
> 
> Is it that it is good only by changing a number?

With changing the number you change the order java uses the
security providers. it should work. be sure, to change the TWO java.security
files.

> 
> 
> 
> Hello Shimamura,
> 
> Change the java.security file in your java runtime 
> environment. Running on
> Win OS
> with jdk1.3.1 the default location is 
> 
> 	C:\Program Files\JavaSoft\Jre\1.3.1\lib\security\java.security
> 
> Add the following line to the file:
> 
> 	security.provider.3=com.sun.net.ssl.internal.ssl.Provider
> 
> Do the same changes to the java.security of your java 
> development environment
> JRE. On my
> OS the location is
> 
> 	E:\jdk1.3.1\jre\lib\security\java.security
> 
> Do not add java.protocol.handler.pkgs = 
> com.sun.net.ssl.internal.www.protocol
> 
> to the java.security files. I think this doesn't work.
> 
> Set the system property java.protocol.handler.pkgs with a 
> option to the java
> virtual machine 
> (e. g. java
> -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol)
> or in the initialisation routine of your program 
> (e.g. System.setProperty("java.protocol.handler.pkgs",
> "com.sun.net.ssl.internal.www.protocol").
> 
> Now you are able to use https-URLS 
> (e. g. 
> https://www.youraxisserver.com/services/youraxisservice) to invoke
> methods
> on your service. Maybe you have to change the service url in 
> your wsdl-file
> and/or
> program.
> 
> Add the jsse-libraries (jsse.jar, jcert.jar, jnet.jar) to 
> your classpath.
> 
> Normally no more changes are necessary. The above settings do 
> the following:
> 
> The setting in java.security files make the security provider for jsse
> available.
> The setting of the system property installs a handler for the 
> use with https
> urls.
> As invoking a service, axis checks if the https protocol in 
> the url is used.
> If
> so, it gets a secure socket (by default with JSSE). Otherwise 
> it gets a
> normal
> socket connection. So no more changes in the code are necessary.
> 
> BTW if your using JDK1.4 the settings are little different, 
> because JSSE is
> included in the jdk and no extra classpath settings etc. are 
> necessary.
> 
> Hope this answers some of your questions. cya
>                                                
> 
>  Dipl. Inform. (FH) Walter Stocker
>  T-Systems International GmbH
>  Software Developer
>  System Integration
>  Address: Memmelsdorfer Str. 209a, 96052 Bamberg
>  Phone: +49 (09 51) 40 97 - 1 46
>  Fax: +49 (09 51) 40 97 - 2 00
>  E-Mail: mailto:Walter.Stocker@t-systems.com
>  Internet: http://www.t-systems.com
>                                                                      
> 
> 
> > -----Ursprungliche Nachricht-----
> > Von: bs-rshimamura@bs.core.nttdata.co.jp
> > [mailto:bs-rshimamura@bs.core.nttdata.co.jp]
> > Gesendet am: Mittwoch, 11. September 2002 10:14
> > An: axis-user@xml.apache.org
> > Betreff: RE: ssl connections
> > 
> > 
> > 
> > Please tell me how to use java.security file
> > 
> > It changed as follows.
> > 
> > security.provider.3=com.sun.net.ssl.internal.ssl.Provider
> > java.protocol.handler.pkgs = com.sun.net.ssl.internal.www.protocol
> > 
> > Are a setup of a server and programming unnecessary?
> > 
> > 
> > shimamura
> > 
> > -----Original Message-----
> > From: ?g?o?eo -3?e 
> > Sent: Monday, September 09, 2002 3:14 PM
> > To: axis-user@xml.apache.org
> > Subject: RE: ssl connections
> > 
> > 
> > thank you for
> > Stocker and Jayaraman .
> > 
> > i try to test.
> > 
> > Try, if a setup of SSL communication finishes.
> > because it has not finished yet.
> > 
> > 
> > -----Original Message-----
> > From: Jayaraman Dorai [mailto:jayaraman@Wellogic.com]
> > Sent: Saturday, September 07, 2002 7:16 AM
> > To: axis-user@xml.apache.org
> > Subject: RE: ssl connections
> > 
> > 
> > What needs to be done to make sure,  I don't have to set
> > javax.net.ssl.trustStore  programmatically. What does is it mean by
> > "environment with non-standard keystores"? I have cacerts in 
> > the security
> > directory of JRE.
> > 
> > > BTW You do not have to set the javax.net.ssl.trustStore and 
> > other ssl
> > related
> > > system properties unless you have a environment with non-standard
> > keystores
> > > (cacerts in security directory of JRE).
> > 
> > -----Original Message-----
> > From: Sudhir [mailto:sudhir@infolead.com]
> > Sent: Friday, September 06, 2002 5:52 PM
> > To: axis-user@xml.apache.org
> > Subject: Re: ssl connections
> > 
> > 
> > Hi Jayaram,
> > You can set this property in the code as follows
> > 
> > Add the line java.protocol.handler.pkgs =
> > com.sun.net.ssl.internal.www.protocol to ur
> > <JDK_HOME>\jre\lib\security\java.security file.
> > 
> > Or you can pass the
> > flag 
> > 
> -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol to
> > the jvm
> > 
> > Sudhir
> > 
> > Hiroshima..45........Tjernobil..86........Windows..95....
> > ----- Original Message -----
> > From: "Jayaraman Dorai" <jayaraman@Wellogic.com>
> > To: <axis-user@xml.apache.org>
> > Sent: Friday, September 06, 2002 2:26 PM
> > Subject: RE: ssl connections
> > 
> > 
> > > Hi Stocker,
> > >
> > > Where should this be set
> > >
> > > java.protocol.handler.pkgs = com.sun.net.ssl.internal.www.protocol
> > >
> > > I have cacerts in the jre\lib\security. How do I get rid of 
> > this and make
> > the keystores standard.
> > >
> > > Thanks
> > > Jayaraman
> > >
> > > -----Original Message-----
> > > From: Stocker, Walter [mailto:Walter.Stocker@t-systems.com]
> > > Sent: Friday, September 06, 2002 6:46 AM
> > > To: axis-user@xml.apache.org
> > > Subject: AW: ssl connections
> > >
> > >
> > > Install Java Secure Socket Extension JSSE in the CLASSPATH and
> > > set the following system property:
> > >
> > >             java.protocol.handler.pkgs =
> > com.sun.net.ssl.internal.www.protocol
> > >
> > > Edit the java.security property file of the JRE and Java 
> > Sdk and include
> > the
> > > following line to activate the Java Security Provider:
> > >
> > > security.provider.3=com.sun.net.ssl.internal.ssl.Provider
> > >
> > > Now Axis uses the SSL implementation from JSSE when you 
> > connect to the
> > server
> > > with the https protocol. If you connect with http no ssl 
> > encryption is
> > used.
> > >
> > > BTW You do not have to set the javax.net.ssl.trustStore and 
> > other ssl
> > related
> > > system properties unless you have a environment with non-standard
> > keystores
> > > (cacerts in security directory of JRE).
> > >
> > >
> > >  Dipl. Inform. (FH) Walter Stocker
> > >  T-Systems International GmbH
> > >  Software Developer
> > >  System Integration
> > >  Address: Memmelsdorfer Str. 209a, 96052 Bamberg
> > >  Phone: +49 (09 51) 40 97 - 1 46
> > >  Fax: +49 (09 51) 40 97 - 2 00
> > >  E-Mail: mailto:Walter.Stocker@t-systems.com
> > >  Internet: http://www.t-systems.com
> > >
> > >
> > >
> > > > -----Ursprungliche Nachricht-----
> > > > Von: bs-rshimamura@bs.core.nttdata.co.jp
> > > > [mailto:bs-rshimamura@bs.core.nttdata.co.jp]
> > > > Gesendet am: Freitag, 6. September 2002 11:45
> > > > An: axis-user@xml.apache.org
> > > > Betreff: ssl connections
> > > >
> > > > Hello
> > > >
> > > >
> > > > I want use two sever to use ssl connections at axis soap.
> > > > please tell me .
> > > >
> > > > i don't like chage proguram.
> > > > but this is only  way to use like this ?
> > > >
> > > > 
> > System.setProperty("javax.net.ssl.trustStore","c:\\client.keystore")
> > > >
> > > > Is there none of other choices?
> > > >
> > > >
> > > >
> > > > shimamura
> > > >
> > >
> > 
> 

Mime
View raw message