This topic has been archived. It cannot be replied.
-
工作学习 / IT技术讨论 / Jabber,and other Java Gurus please give some suggestionHi, I am designing a project with C/S architecture using RMI. I need to consider a secure communication and authentication
between client and server. I do not know much about RMI security. I want to know if there is some security mechanism I can directly depend on, or with few application level programming?
Thanks
-lsc(Kantata);
2000-10-29
{319}
(#12415@0)
-
My previous experience with Sybase and applet
-sailor(Sailor);
2000-10-29
{599}
(#12438@0)
-
thanks, sailor, your experience is valuable to my project...thanks, sailor, your experience is valuable to my project. I want to know more detail about table privillge and stored procedure, is it product specific or general solution? since we would not bind our project on certain database product.
-lsc(Kantata);
2000-10-30
{238}
(#12546@0)
-
About privilege control of database.For those database system from big vendors like Sybase, you can set the security privilege for tables, records, columns. You can set any of them as readonly, not-accessable, etc.
You may also set privilege for stored procedures.
With the combination of all these security methods, you may define a security mechanism to protect your data and system. If you haven't touch this topic before, I suggest you to study the manual of the database product.
Hope it's helpful.
-sailor(Sailor);
2000-10-31
{481}
(#12694@0)
-
thank you, Sailor
-lsc(Kantata);
2000-11-1
(#12778@0)
-
If your project is not connected to Internet, RMI is good enough.If your project is connected to Internet, go on with RMI. At the final stage, use SSL to encrypt your communication. As for authentication, it is not a probelm that can be solved by using some protocol. If your business is extremely important,
have your boss negotiate with Verisign oor list like to get certificates. Authentication based on certificates are most serious way to authenticate the partners in communications.
-jabber(jabber);
2000-10-30
{430}
(#12529@0)
-
need I use socket factory when using ssl, Jabber?could explain more about it? At the same time, I will try to learn more about RMI
security.
-lsc(Kantata);
2000-10-30
(#12545@0)
-
It depends upon what server you useIf you use Apache, you just need do some configuration work. http and https listen at different number. If you use other servers, I don't have an idea how to implement ssl.
Anyway, it is not difficult to apply ssl. But SSL can encrypt your communications only.
-jabber(jabber);
2000-10-31
{266}
(#12560@0)
-
Thank you, Jabber
-lsc(Kantata);
2000-11-1
(#12779@0)