Uploaded image for project: 'JGroups'
  1. JGroups
  2. JGRP-371

TCP_NIO with SSL

    XMLWordPrintable

    Details

    • Type: Feature Request
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Deferred
    • Affects Version/s: 2.4
    • Fix Version/s: 2.5
    • Labels:
      None

      Description

      From Hal Hildebrand:
      Attached are the sources to allow a new protocol stack which uses SSL over
      NIO. This protocol stack element provides security and authentication
      (using client side authentication) for a JGroups TCP stack using NIO.

      This required two minor modifications in the ConnectionTableNIO class.
      These modifications allow one to subclass to create a connection table which
      uses SSL for the connections. Finally, there is a new protocol stack
      element, SSL_NIO, which one can add to a stack to make use of it.

      Regardless of whether this makes it into the codeline of JGroups, it would
      be nice to have the changes to ConnectionTableNIO make it into the mainline,
      as I currently have to overwrite the original class to easily implement this

      • the last thing I want to do is fork ConnectionTableNIO I'd rather just
        subclass it. The mods are simple and innocuous (marked with "HSH").

      Right now, the SSL_NIO needs to be configured with an SSLSocketFactory. I
      didn't bother with integrating with the normal JGroups mechanism using
      properties from the configuration because I consider it inherently insecure
      to ensconce my passwords in configuration files. But the changes to enable
      this are straight forward. Currently, to configure the factory for the
      protocol layer, do something like the following before connecting your
      channel:

      // Construct your Jchannel
      JChannel jchannel = ...

      // Access your protocol stack
      ProtocolStack protocolStack = jchannel.getProtocolStack();

      // Retrieve the SSL_NIO protocol layer
      SSL_NIO protocol = (SSL_NIO) protocolStack.findProtocol("SSL_NIO");

      // Create your SSLSocketFactory
      SSLSocketFactory socketFactory = ....

      // Set up the protocol
      protocol. SetSocketFactory(socketFactory);

      // Connect your channel
      jchannel.connnect("my-group");

      Cheers.

        Attachments

          Activity

            People

            Assignee:
            smarlow Scott Marlow
            Reporter:
            belaban Bela Ban
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: