Problem using XmlRpc with SSL in web browser

 
I have been trying desperately for weeks to get SSL working with an existing application that uses XmlRpc between a servlet running on a web server and an applet running through a web browser.

I found the following code online:

import java.util.*;
import java.net.*;
import com.sun.net.ssl.*;
import java.security.cert.X509Certificate;
import java.security.Security;
import javax.net.ssl.SSLSocketFactory;
//import helma.xmlrpc.XmlRpcClient;
import marquee.xmlrpc.*;

/**
 * SecureXmlRpcClient provides an XML-RPC client that can operate over SSL and that can negotiate
 * basic authorization. It is simply a wrapper of Security and URL configuration around an instance
 * of the XML-RPC client implementation provided by the marquee package
 */
public class SecureXmlRpcClient {
    private String username;
    private String password;
    private String urlstring;
    private XmlRpcClient client;

    /** Requires the url of the XML-RPC service, the user and password for authentication */
    public SecureXmlRpcClient(String urlstring, String username, String password) throws Exception {
        this.username = username;
        this.password = password;
        this.urlstring = urlstring;
        // Configuration work to provide SSL support
        Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
        System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");

        // Currently server cert is not signed by a CA
        // so work around by using own TrustManager
        X509TrustManager tm = new WorkAroundX509TrustManager();
        KeyManager[] km = null;
        TrustManager[] tma = {tm};
        SSLContext sc = SSLContext.getInstance("ssl");
        sc.init(km, tma, new java.security.SecureRandom());
        SSLSocketFactory sf1 = sc.getSocketFactory();
        HttpsURLConnection.setDefaultSSLSocketFactory(sf1);

        // end workaround for non-CA signed server cert
        // Configuration work to allow negotiation of basic authorisation

        NetPermission np = new NetPermission("setDefaultAuthenticator");
        BasicAuthenticator ba = new BasicAuthenticator(username, password);
        java.net.Authenticator.setDefault(ba);
        URLConnection.setDefaultAllowUserInteraction(true);
        //this.client = new XmlRpcClient(urlstring);
        this.client = new XmlRpcClient("server", 443, "/app/XmlRpcManager");
    }

    /**
     * Execute the required XML-RPC procedure with the required parameters (traffic between the
     * client and server will be encrypted if the url was a secure one)
     */
    // public Object execute (String s, Vector v) throws Exception {
    //     return client.execute(s, v);
    // }
    public Object invoke(String s, Object v[]) throws Exception {
        return client.invoke(s, v);
    }

    /** Inner class to provide a permissive TrustManager for non CA signed server certificates */
    private class WorkAroundX509TrustManager implements X509TrustManager {
        public boolean isClientTrusted(X509Certificate[] chain) {
            return true;
        }
        public boolean isServerTrusted(X509Certificate[] chain) {
            return true;
        }
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    /** Inner class to provide an implementation of Authenticator */
    private class BasicAuthenticator extends Authenticator {
        private String username = "";
        private String password = "";

        public BasicAuthenticator(String username, String password) {
            this.username = username;
            this.password = password;
        }
        protected PasswordAuthentication getPasswordAuthentication() {
            return new PasswordAuthentication(this.username, this.password.toCharArray());
        }
    }
}

The problem seems to be that the client cannot execute the addProvider call:

Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

and the following error is raised when it tries to:

java.security.AccessControlException: access denied (java.security.SecurityPermission insertProvider.SunJSSE)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkSecurityAccess(Unknown Source)
at sun.plugin.security.ActivatorSecurityManager.checkSecurityAccess(Unknown Source)
at java.security.Security.check(Unknown Source)
at java.security.Security.insertProviderAt(Unknown Source)
at java.security.Security.addProvider(Unknown Source)

If anyone has any ideas, I would GREATLY APPRECIATE it. Some sample source code of a working example where the client runs in a web browser would be fantastic.

Thank you,
Sean
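
Added example (not part of the original post, and not code from the XML-RPC library it uses): the WorkAroundX509TrustManager above accepts any certificate, so the SSL connection gives no assurance about which server is on the other end. The sketch below instead trusts only the server's own self-signed certificate, using the standard javax.net.ssl API, where the SunJSSE provider is already registered (J2SE 1.4 and later) and no Security.addProvider call is needed. The class name PinnedTrustExample, the alias "xmlrpc-server" and the command-line arguments are assumptions for illustration, and the code assumes it runs where setting a socket factory is permitted (an application or suitably privileged code), since a security manager checks that call as well.

```java
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Illustrative class; all names here are hypothetical, not from the post.
public class PinnedTrustExample {

    /** Builds an SSLContext whose only trust anchor is the given certificate. */
    static SSLContext contextTrustingOnly(InputStream certStream) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Certificate serverCert = cf.generateCertificate(certStream);

        // Empty in-memory keystore holding just the one server certificate.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);
        ks.setCertificateEntry("xmlrpc-server", serverCert);

        // The default X.509 trust manager validates the chain against that
        // keystore, so any other certificate is rejected during the handshake.
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // args[0]: path to the server certificate (PEM or DER)
        // args[1]: https URL of the XML-RPC endpoint
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            SSLContext ctx = contextTrustingOnly(in);
            HttpsURLConnection conn =
                (HttpsURLConnection) new URL(args[1]).openConnection();
            // Per-connection factory: other HTTPS connections in the JVM are
            // untouched. Hostname verification still applies, so the
            // certificate must name the host in the URL.
            conn.setSSLSocketFactory(ctx.getSocketFactory());
            System.out.println("HTTP " + conn.getResponseCode());
        }
    }
}
```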
 