tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christine Ho <opensrc...@yahoo.com>
Subject Re: Support JSS in Tomcat
Date Thu, 21 Jul 2005 01:40:08 GMT
Thanks. It works.

JSS can be used under either Mozilla Public License
(MPL) or LGPL. Is MPL or LGPL compatible with ASF
license? The good thing about JSS is that it is
FIPS-140 compliant.
 
Christine

--- Bill Barker <wbarker@wilshire.com> wrote:

> The <Factory> element is deprecated in TC 5.x.  In
> particular, you can't use
> it to specify a SocketFactory.
> 
> You pass the FQN of your SSLImplementation to the
> Connector with something
> like:
>   <Connector protocol="HTTP/1.1" port="8443"
> secure="true" scheme="https"
> sslProtocol="SSL"
> 
>
sSLImplementation="org.apache.tomcat.util.net.jss.JSSImplementationClass"
> />
> 
> I'd be happy to review your implementation (assuming
> that the licensing is
> compatible with ASF) if you want to submit it.  The
> easiest way is to open a
> BZ enhancement request and attach your code to that.
> 
> ----- Original Message -----
> From: "Christine Ho" <opensrc888@yahoo.com>
> To: <tomcat-dev@jakarta.apache.org>
> Sent: Wednesday, July 20, 2005 4:54 PM
> Subject: Support JSS in Tomcat
> 
> 
> Hi,
>   Tomcat 5.5.x supports JSSE only. I am working on
> web
> application which uses JSS
>
(http://www.mozilla.org/projects/security/pki/jss/javadoc/)
> I need to run the web application on Tomcat 5.x. I
> implemented the JSSSocketFactory.java,
> JSSSupport.java
> etc in the new package called
> org.apache.tomcat.util.net.jss. I tried to specify
> the
> SocketFactory class in server.xml but it doesnt
> work.
> I thought we can do something like that:
> 
> <Connector
>
className="org.apache.catalina.connector.http.HttpConnector"
>            port="8443" minProcessors="5"
> maxProcessors="75"
>            enableLookups="true"
>            acceptCount="10" debug="0" scheme="https"
> secure="true">
>   <Factory
>
className="org.apache.tomcat.util.net.jss.JSSServerSocketFactory"
>            clientAuth="false" protocol="SSL"/>
> </Connector>
> 
> It doesnt work at all. I looked at the source code
> and
> found out that SSLImplementationName is always null.
> Currently, I have to change the implementations
> array
> in SSLImplementation.java to include my
> implementation
> class which is JSSImplementationClass. Then
> recompiled
> the tomcat and it works. I just wonder if I overlook
> some of the configuration parameters in server.xml.
> If
> the server.xml in tomcat 5.5 does not support the
> Factory parameter, then I would like to modify the
> codes to support this feature. Therefore i dont need
> to recompile the tomcat to include my
> SSLServerSocketFactory implementation. Also I would
> like to contribute my codes for the JSS
> ServerSocketFactory implementation if you are
> interested.
> 
> Christine
> 
> 
> 
> ____________________________________________________
> Start your day with Yahoo! - make it your home page
> http://www.yahoo.com/r/hs
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> tomcat-dev-help@jakarta.apache.org
> 
> 
> 
> 
> 
> This message is intended only for the use of the
> person(s) listed above as the intended recipient(s),
> and may contain information that is PRIVILEGED and
> CONFIDENTIAL.  If you are not an intended recipient,
> you may not read, copy, or distribute this message
> or any attachment. If you received this
> communication in error, please notify us immediately
> by e-mail and then delete all copies of this message
> and any attachments.
> 
> In addition you should be aware that ordinary
> (unencrypted) e-mail sent through the Internet is
> not secure. Do not send confidential or sensitive
> information, such as social security numbers,
> account numbers, personal identification numbers and
> passwords, to us via ordinary (unencrypted) e-mail.
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> tomcat-dev-help@jakarta.apache.org
> 
> 



		
____________________________________________________
Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs 
 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message