Java开发网 Java开发网
注册 | 登录 | 帮助 | 搜索 | 排行榜 | 发帖统计  

您没有登录

» Java开发网 » Java Security » 精华区  

按打印兼容模式打印这个话题 打印话题    把这个话题寄给朋友 寄给朋友    该主题的所有更新都将Email到你的邮箱 订阅主题
flat modethreaded modego to previous topicgo to next topicgo to back
作者 Re:请教:如何在websphere4.0.3环境上使用第三方JCE Provider [Re:cckoan]
mydownload128



发贴: 0
积分: 0
于 2003-03-08 11:45 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
Grant Permission
================

Grant the permission to jce1_2_2.jar. The java.security.AllPermission should be granted to the JCE 1.2.2 framework (jce1_2_2.jar). Edit the java.policy file in x:\jre_installdir\lib\security and add this statement:
grant codeBase "file:///D:\JCE1.2.2\lib\jce1_2_2.jar" {
permission java.security.AllPermission;
};

Grant the permission to sunjce_provider.jar. The following permissions should be granted to the SunJCE provider (and other JCE providers if you are using another vendor’s implementation):
java.io.FilePermission to read the sunjce_provider.jar file
java.lang.RuntimePermission to get class protection domains
java.security.SecurityPermission to put (set) provider properties
Edit the java.policy file in x:\jre_installdir\lib\security and add this statement:

grant codeBase "file:///D:\JCE1.2.2\lib\sunjce_provider.jar" {
permission java.io.FilePermission
"D:\JCE1.2.2\lib\sunjce_provider.jar", "read";
permission java.lang.RuntimePermission
"getProtectionDomain";
permission java.security.SecurityPermission
"putProviderProperty.SunJCE";
};

Register JCE provider
================

Register the Sun JCE provider, which you can do either statically or dynamically:

Static registration

Add the Sun JCE provider to your list of approved providers by editing the security properties file java.security in x:\jre_installdir\lib\security\. The java.security file should have a statement for each provider to be registered statically. Each such statement declares a provider and specifies its preference order n, which is the order in which providers are searched for requested algorithms when no specific provider is requested. Preference order 1 is the most preferred, followed by 2, and so on.

In the JRE for WAS 4.03, Sun, IBMJCE, and IBM JSSE have already been configured as static providers:

security.provider.1=sun.security.provider.Sun
security.provider.2=com.ibm.crypto.provider.IBMJCE
security.provider.3=com.ibm.jsse.JSSEProvider

These three security providers may have implemented the algorithms you need. Therefore, you may not need another security provider for your applications. These three security providers are needed for the WebSphere Test Environment. Do not replace or remove these three lines, or the WebSphere Test Environment may fail to start up properly.

To configure other providers, follow those three security providers with other lines of the proper format, replacing the class name with the fully qualified master class name you obtain from the provider vendor, and entering the priority that you want to assign to the provider. For example, to configure Sun JCE as your #4 preferred provider, add the following line to the java.security file after the line for the Sun provider:

security.provider.4=com.sun.crypto.provider.SunJCE

Dynamic registration

To register the SunJCE provider dynamically, add the following lines of code at the beginning of your program:

Security.addProvider(
new com.sun.crypto.provider.SunJCE());

The above code will add the Sun JCE provider as the last-approved security provider in the security registry. Since different providers may implement the same algorithms, if the Sun JCE provider is the last one in the preference order, and no specific provider is requested, the Sun JCE provider may not be picked as the service provider for algorithms that are also implemented by other providers. Therefore, you may want to add the Sun JCE provider as the first one in the approved list by using this code:

Security.insertProviderAt(
new com.sun.crypto.provider.SunJCE(),1);

Add jar files to classpath
===================

you also need to add jce1_2_2.jar and sunjce_provider.jar into the classpath of the server instance

That's



话题树型展开
人气 标题 作者 字数 发贴时间
18912 请教:如何在websphere4.0.3环境上使用第三方JCE Provider cckoan 132 2003-01-13 10:25
14820 Re:请教:如何在websphere4.0.3环境上使用第三方JCE Provider menzy 90 2003-01-15 08:49
14772 Re:请教:如何在websphere4.0.3环境上使用第三方JCE Provider cckoan 173 2003-01-15 09:01
15821 Re:请教:如何在websphere4.0.3环境上使用第三方JCE Provider mydownload128 3878 2003-03-08 11:45

flat modethreaded modego to previous topicgo to next topicgo to back
  已读帖子
  新的帖子
  被删除的帖子
Jump to the top of page

   Powered by Jute Powerful Forum® Version Jute 1.5.6 Ent
Copyright © 2002-2021 Cjsdn Team. All Righits Reserved. 闽ICP备05005120号-1
客服电话 18559299278    客服信箱 714923@qq.com    客服QQ 714923