wood burning stoves 2.0*
The moose likes Security and the fly likes How to specify (security) configuration directives in java Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "How to specify (security) configuration directives in java" Watch "How to specify (security) configuration directives in java" New topic
Author

How to specify (security) configuration directives in java

Ravi Danum
Ranch Hand

Joined: Jan 13, 2009
Posts: 104
Hello,

I want to use the NSS (Network Security Services) libraries with java JCA.

I have found on the Oracle website at:

http://docs.oracle.com/javase/6/docs/technotes/guides/security/p11guide.html#NSS

that NSS specific configuration directives must be set.

An example of this is shown below:

NSS as a FIPS 140 compliant crypto token:

name = NSSfips
nssLibraryDirectory = /opt/tests/nss/lib
nssSecmodDirectory = /opt/tests/nss/fipsdb
nssModule = fips

My question is: how are these configuration directives specified...in a properties file, or in the code?

I haven't used configuration directives before in java.

Any help is appreciated.

Thanks.

-ravi

Ravi Danum
Ranch Hand

Joined: Jan 13, 2009
Posts: 104

Hello,

I think I found the answer at the following link:

http://java.sun.com/developer/technicalArticles/J2SE/security/

The instructions are as follows:

Just like other providers, a PKCS#11 provider can be installed dynamically at runtime or statically in the Java technology security properties file, $JAVA_HOME/lib/security/java.security. You can use the following code to programmatically create and install the PKCS#11 provider at runtime:

String configFileName = "/opt/foo/sunpkcs11-Foo.cfg";

Provider myPKCS11Prov =
new sun.security.pkcs11.SunPKCS11(configFileName);
Security.insertProviderAt(myPKCS11Prov, 1);



To statically install the PKCS#11 provider, add the following provider preference entry to the Java technology security properties file:

security.provider.1=sun.security.pkcs11.SunPKCS11 \
/opt/foo/sunpkcs11-Foo.cfg



-ravi
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: How to specify (security) configuration directives in java
 
Similar Threads
How do I configure java 6 to use FIPS 140-2 complaint SSL ??
FIPS compliant Tomcat using JSSE
Does java.security.MessageDigest use the NSS libraries provided by Mozilla?
including apache modules
Search wifi device by J2ME