[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] Question regarding RMI over SSL



I have to admit that I have not really looked deep into RMI yet, but I do
not think this is (currently) possible. You would need some way to get
hold of the socket that was used, but there does not seem to be a way to
do that through the JavaSoft APIs.

If you have any ideas we would of course be interested to hear them.

 Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at


-----Ursprüngliche Nachricht-----
Von: Dirk Balfanz <balfanz@CS.Princeton.EDU>
An: <iaik-ssl@iaik.tu-graz.ac.at>
Gesendet: Freitag, 16. Juli 1999 23:44
Betreff: [iaik-ssl] Question regarding RMI over SSL


> Hi there,
>
> I just joined the list. I haven't found the answer in the archives,
> but forgive me if this has been asked before...
>
> I want to do RMI over SSL. Let's assume I have a RMI server like this:
>
> public class MyRMIServerImpl
>    extends SSLUnicastRemoteObject
>    implements MyRMIServer {
>    ...
>
>    public void foo() throws RemoteException {
>      ...
>    }
>
> }
>
> where SSLUnicastRemoteObject takes care of exporting this server with
> SocketFactories that use SSLSockets instead of Sockets. Since I want to
do
> mutual authentication, the SocketFactories also put
> Client/ServerTrustDeciders in the SSL context objects. However, my SSL
layer
> always permits connections; it is up to the application whether it
wants to
> allow certain calls. So here's the question: How can I, within foo(),
find
> out who the (authenticated) party is that is calling me (i.e. obtain
their
> certificates)?
>
> I understand that on the socket level, there is something like
> SSLSocket.getSession().getPeerCertificate(). But how do I do I get my
> hands on that certificate from within my RMIServerImpl?
>
> Any ideas?
>
> Thanks so much,
>
> Dirk.



smime.p7s