10.12. SSL between the Java client and WebSphere
SSL may be used to secure a connection between two ORBs. When a Java client invokes a method on a remote EJB, the client and server ORBs will communicate information in the clear. SSL can protect information being passed over the IIOP protocol in the same way that it protects information being passed over other protocols.
In order to establish an inter-ORB connection, WebSphere demands that the identity of the client be provided. This has no relation to the role-based security used to protect the J2EE application, although the identity passed during the SSL initialization sequence can be used for authorization purposes.
10.12.1. Creating the key stores
In order to secure the ORB communication, ...
Get IBM WebSphere V5.0 Security: WebSphere Handbook Series now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.