File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Sockets and Internet Protocols and the fly likes Security over socket connection Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark "Security over socket connection" Watch "Security over socket connection" New topic
Author

Security over socket connection

Jim Barkley
Greenhorn

Joined: Jun 23, 2011
Posts: 12
Hi guys.

So I think I will have to do a little explanation of what I've been working on.


It's my company's internal project; there will be three server computers, which will accept connection from sockets at a specified port, and performs some requests sent over the socket.

This connection will be made from a single tomcat servlet, which is also within the company's domain.


Since the server computers will be opening that specific port all day long, I figured that I need some sort of mechanism to reject connections coming outside of the domain.




There are two options.


1. Reject at Tomcat. Since this system requires all the users who need to use the system to first go to the web service hosted by tomcat, it would, well, sort of comply with the abstraction that I'm trying to follow: The user only interacts with web service.
2. Reject at the server program. Tomcat will not check for anything. It will simply relay the request to the server, where the connection will be examined and either accepted or rejected.


Option 1, like I said, looks cleaner, but server is still opening a socket which can be accessed directly if someone knows the ip address of the server.
My supervisor suggested that I require the users to enter domain credentials before making a request, and check it against the domain server (at tomcat) before relaying the request to the server. There is a library(for tomcat) he had worked with before.

I personally like option 2 better, but I can't seem to find a good library for it .I don't even know what query I should send to google to search for this sort of thing. I've tried everything that I think was descriptive enough, but still google returns nothing useful.





So here are my questions.

1. Which option do you think is more secure?

2. Do you know any good library I can use for option 2?




Thanks in advance.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18991
    
    8

It would be best to start with your requirements. Which I can't tell what they are from that post.

You started with
I need some sort of mechanism to reject connections coming outside of the domain

which would be easy enough if that were the only requirement, but then it appeared there was some kind of web service involved and the possibility of authentication. And apparently accessing the server "directly" was a bad thing but I couldn't tell why.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42946
    
  70
If the Tomcat is on the only machine that can legitimately make requests to the servers, then accept requests from all machines, check the IP address, and if it's not the Tomcat machine, end the connection before doing anything.

I figured that I need some sort of mechanism to reject connections coming outside of the domain.

A firewall.
Jim Barkley
Greenhorn

Joined: Jun 23, 2011
Posts: 12
Paul Clapham wrote:And apparently accessing the server "directly" was a bad thing but I couldn't tell why.


Because the servers will first expect some inputs from the client, and I thought it would be possible to send foul data through the socket which could potentially put the server machines in danger.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42946
    
  70
Why would you accept the data if it didn't come from a pre-approved server (i.e., the Tomcat)?
Jim Barkley
Greenhorn

Joined: Jun 23, 2011
Posts: 12
Ulf Dittmer wrote:If the Tomcat is on the only machine that can legitimately make requests to the servers, then accept requests from all machines, check the IP address, and if it's not the Tomcat machine, end the connection before doing anything.


I might not be able to set up a static IP address on tomcat.


Ulf Dittmer wrote:A firewall.


That's what I haven't thought about yet. So sockets opened up by JVM runs behind firewall, I guess?
Jim Barkley
Greenhorn

Joined: Jun 23, 2011
Posts: 12
Ulf Dittmer wrote:Why would you accept the data if it didn't come from a pre-approved server (i.e., the Tomcat)?


That's precisely why I posted this question. I want to make it so that server accepts data only from verified user (or server, which would be easier if I had a machine with static IP...)
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42946
    
  70
I might not be able to set up a static IP address on tomcat.

How will the Tomcat be reachable from the outside world if it doesn't have static IP address?

That's what I haven't thought about yet. So sockets opened up by JVM runs behind firewall, I guess?

Firewalls have nothing to do with the JVM. But in this day and age, nobody runs a network that is accessible from the outside without a firewall in between.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42946
    
  70
I want to make it so that server accepts data only from verified user (or server, which would be easier if I had a machine with static IP...)

Forget about users. If the Tomcat doesn't have static IP -which it should-, have it check in with the 3 servers each time it starts up; that way the servers know from which IP to expect connections.
Jim Barkley
Greenhorn

Joined: Jun 23, 2011
Posts: 12
Right now, on Tomcat startup, a domain email is sent out(at context listener) broadcasting it's address.



I have never worked with network before, so please excuse me for ignorance with this matter.


Is static IP address hard thing to come by? If not, server side setup should be easier(accept connection from specified IP only), and I would still have to do some verification on the Tomcat.
Jim Barkley
Greenhorn

Joined: Jun 23, 2011
Posts: 12
Ulf Dittmer wrote:If the Tomcat doesn't have static IP -which it should-, have it check in with the 3 servers each time it starts up; that way the servers know from which IP to expect connections.


Oh, now I start to see something. Thanks for the suggestion.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42946
    
  70
Not sure what you mean by "domain email" - do those servers have email integration? Using sockets seems easier, though.

Is static IP address hard thing to come by?

A sys admin can set that up in 60 seconds. If the server doesn't have a static IP, how would you configure the firewall to allow traffic to that machine?

The Tomcat runs the web service that accepts access from the outside, right? What do you mean by "some verification"?
Jim Barkley
Greenhorn

Joined: Jun 23, 2011
Posts: 12
I have written a class that sends out an email to a specified alias in the domain network. This is also used to send out a notice to the requester when the request is complete.



And this is intended to be used within the domain network only (I think I mentioned it?)
It's just that I can access to web service from outside the domain network now.

So I guess I know what to do for the server computers.

The verification I talked about was to check if the request is sent from a user within the domain (i.e. a company employee).


If it is possible to configure Tomcat to reject connections from outside the domain network, then problem is solved.

If it is not possible, I will need some sort of user authentication (thinking about using WAFFLE).
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42946
    
  70
If it is possible to configure Tomcat to reject connections from outside the domain network, then problem is solved.

I had misunderstood the problem. If the Tomcat is not supposed to be accessible from the outside world, then don't allow traffic to it at the firewall. Problem solved.
Jim Barkley
Greenhorn

Joined: Jun 23, 2011
Posts: 12
Thank you very much both of you. You guys are awesome



Thanks for the help!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Security over socket connection