SSL for Transport Security
RMI messages travel over the network in clear and are vulnerable to network-based attacks. As we argued in the RMI Over SSL section of Chapter 6, Securing the Wire, this is usually not a concern because RMI is designed to be used within a trusted environment. In cases where the underlying network cannot be trusted to adequately safeguard the network traffic, SSL can be used to secure the transport. In the simple case of a class implementing a remote reference and extending the class UnicastRemoteObject, this can be accomplished simply by initializing the UnicastRemoteObject with appropriate factories for creating communication sockets. These details and the source code for server and client socket factories to create ...
Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
