| Author |
Security Requirment Part II
|
vijayv shah
Greenhorn
Joined: Mar 09, 2004
Posts: 5
|
|
Hi All,
In part II , the security requiment mentioned is : "All interaction with the customer and the system must be secured with SSL."
Does this mean only web based customer is required to communicate on SSL or it is applicable for java application clients also ? ?
I am not clear the meaning of customer with respect to security requirement.
Thanks so much
Vijay
|
 |
E. Messing
Ranch Hand
Joined: Dec 02, 2003
Posts: 69
|
|
SSL is a transport protocol. This means that many upper protocol can "ride" on it on their way to their host.
These days , the most used "rider" is HTTP - because of the common use of Browsers as client tier. And browsers know HTTP. BUT - every upper protocol (including - for example - IIOP, JRMP)
|
|
vijayv shah
Greenhorn
Joined: Mar 09, 2004
Posts: 5
|
|
Hi There,
Thanks for the prompt reply. I am still not clear .
Are your mentioning RMI/IIOP over SSL ?
Thanks
Vijay
|
|
E. Messing
Ranch Hand
Joined: Dec 02, 2003
Posts: 69
|
|
Yes.
RMI/IIOP is the technology where RMI is invoked through the IIOP protocol. And the IIOP protocol can use SSL. It likes layers of an onion... 
|
|
vijayv shah
Greenhorn
Joined: Mar 09, 2004
Posts: 5
|
|
Thanks for the help. Its clear now.
I also checked some documentation for implementing RMI/IIOP over SSL.
Reagards,
Vijay
|
|
 |
I agree. Here's the link: jrebel
|
|
subject: Security Requirment Part II
|
|
|
0
