SSL for Transport Security

RMI messages travel over the network in clear and are vulnerable to network-based attacks. As we argued in the RMI Over SSL section of Chapter 6, Securing the Wire, this is usually not a concern because RMI is designed to be used within a trusted environment. In cases where the underlying network cannot be trusted to adequately safeguard the network traffic, SSL can be used to secure the transport. In the simple case of a class implementing a remote reference and extending the class UnicastRemoteObject, this can be accomplished simply by initializing the UnicastRemoteObject with appropriate factories for creating communication sockets. These details and the source code for server and client socket factories to create ...

Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.