RE: [xmlblaster] adding SSL to xmlBlaster

["Madere, Colin" <colin.madere at ieminc.com>]

The FAQ doesn't say it, but wouldn't you have to set up the proxy ssh
situation on the server too and have xmlBlaster connect to the local port
just as the client connects to its local port?

Also, I'm looking for a client solution that is enclosed in the client so...
I'm going to have to use JSSE for any Java-based clients (which is ok,
however, will mean I have to hack up the xmlBlaster client libs OR do a code
version of what's suggested in the FAQ.... going to try out that second
option and see where it leads me)

Thanks for the reference.

-----Original Message-----
From: Marcel Ruff [mailto:mr at marcelruff.info] 
Sent: Saturday, May 17, 2003 7:30 AM
To: xmlblaster at server.xmlblaster.org
Subject: Re: [xmlblaster] adding SSL to xmlBlaster


Madere, Colin wrote:

>My project is pretty committed to xmlBlaster, however, our client will 
>require all communication to be done over SSL with client-certs (PKI).
>
>Some ideas on where to start looking for how much work this is going to 
>be? I'm already looking into integration with Tomcat for authentication 
>and authorization, but it seems I will still have to add SSL 
>encrypt/decrypt functionality to xmlBlaster and all clients for 
>transport layer security.
>
>Hit me with the bad (good?) news.
>
>Colin
>
Hi Colin

You can establish an SSL tunnel, see:

  http://www.xmlblaster.org/FAQ.html#SSH


Another possibility is to use JacORB's SSL features, see

 http://www.jacorb.org

If you use RMI or XmlRpc i think there are solutions as well

please report if/how you succeeded (for our FAQ),

thanks

Marcel


PS: Authentication and authorization with tomcat probably requires that 
you write a security plugin.