You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Filip Hanik - Dev Lists <de...@hanik.com> on 2011/11/23 16:18:50 UTC
Re: Securing Tomcat cluster communication
On 10/6/2011 8:31 AM, Afkham Azeez wrote:
> I had a look at the Tribes code. Can somebody please explain how
> Channel.SEND_OPTIONS_SECURE works?
not yet implemented :(
>
> > From the JavaDoc: SEND_OPTIONS_SECURE - Message is sent over an encrypted
> channel
>
> How is this encrypted channel setup? How do we define the keys/keystores
> etc?
>
>
> On Thu, Oct 6, 2011 at 7:47 PM, Afkham Azeez<af...@gmail.com> wrote:
>
>> Hi folks,
>> Is there a way to do authentication in Tribes when new members try to join
>> a cluster so that unauthorized nodes cannot join in? Also, when clustering
>> messages are sent back& forth, how do we ensure security?
>>
>> Thanks
>> Azeez
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Securing Tomcat cluster communication
Posted by Afkham Azeez <af...@gmail.com>.
Thanks Filip. I will try to implement this & contribute it back to Tomcat
if that would be useful.
Azeez
On Thu, Nov 24, 2011 at 2:06 AM, Filip Hanik - Dev Lists <devlists@hanik.com
> wrote:
> Yes, that way you could encrypt your data packets and not worry about the
> wire protocol.
> the placement of the interceptor will be important, so that you don't
> encrypt packets you don't need to (like ping and failure detection)
>
> Filip
>
>
> On 11/23/2011 10:53 AM, Afkham Azeez wrote:
>
>> On Wed, Nov 23, 2011 at 8:48 PM, Filip Hanik - Dev Lists<
>> devlists@hanik.com
>>
>>> wrote:
>>> On 10/6/2011 8:31 AM, Afkham Azeez wrote:
>>>
>>> I had a look at the Tribes code. Can somebody please explain how
>>>> Channel.SEND_OPTIONS_SECURE works?
>>>>
>>>> not yet implemented :(
>>>
>>> What is the proper way of implementing this if I was to do it?
>> Implement an
>> interceptor which will handle encryption/decryption? This is for Axis2
>> clustering which uses Tribes, so we could use the Tribes API.
>>
>>
>>
>> From the JavaDoc: SEND_OPTIONS_SECURE - Message is sent over an
>>>>>
>>>> encrypted
>>>> channel
>>>>
>>>> How is this encrypted channel setup? How do we define the keys/keystores
>>>> etc?
>>>>
>>>>
>>>> On Thu, Oct 6, 2011 at 7:47 PM, Afkham Azeez<af...@gmail.com> wrote:
>>>>
>>>> Hi folks,
>>>>
>>>>> Is there a way to do authentication in Tribes when new members try to
>>>>> join
>>>>> a cluster so that unauthorized nodes cannot join in? Also, when
>>>>> clustering
>>>>> messages are sent back& forth, how do we ensure security?
>>>>>
>>>>> Thanks
>>>>> Azeez
>>>>>
>>>>>
>>>>>
>>>>> ------------------------------****----------------------------**
>>> --**---------
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apa**che.org<http://apache.org>
>>> <us...@tomcat.apache.org>
>>> >
>>>
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>>
>>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<us...@tomcat.apache.org>
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
*Afkham Azeez*
Director of Architecture; WSO2, Inc.; http://wso2.com,
*Member; Apache Software Foundation;
**http://www.apache.org/*<http://www.apache.org/>
*
*
*email: **azeez@wso2.com* <az...@wso2.com>* cell: +94 77 3320919
blog: **http://blog.afkham.org* <http://blog.afkham.org>*
twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez>
*
linked-in: **http://lk.linkedin.com/in/afkhamazeez*
*
*
*Lean . Enterprise . Middleware*
*
*
Re: Securing Tomcat cluster communication
Posted by Filip Hanik - Dev Lists <de...@hanik.com>.
Yes, that way you could encrypt your data packets and not worry about the wire protocol.
the placement of the interceptor will be important, so that you don't encrypt packets you don't need to (like ping and failure detection)
Filip
On 11/23/2011 10:53 AM, Afkham Azeez wrote:
> On Wed, Nov 23, 2011 at 8:48 PM, Filip Hanik - Dev Lists<devlists@hanik.com
>> wrote:
>> On 10/6/2011 8:31 AM, Afkham Azeez wrote:
>>
>>> I had a look at the Tribes code. Can somebody please explain how
>>> Channel.SEND_OPTIONS_SECURE works?
>>>
>> not yet implemented :(
>>
> What is the proper way of implementing this if I was to do it? Implement an
> interceptor which will handle encryption/decryption? This is for Axis2
> clustering which uses Tribes, so we could use the Tribes API.
>
>
>
>>>> From the JavaDoc: SEND_OPTIONS_SECURE - Message is sent over an
>>> encrypted
>>> channel
>>>
>>> How is this encrypted channel setup? How do we define the keys/keystores
>>> etc?
>>>
>>>
>>> On Thu, Oct 6, 2011 at 7:47 PM, Afkham Azeez<af...@gmail.com> wrote:
>>>
>>> Hi folks,
>>>> Is there a way to do authentication in Tribes when new members try to
>>>> join
>>>> a cluster so that unauthorized nodes cannot join in? Also, when
>>>> clustering
>>>> messages are sent back& forth, how do we ensure security?
>>>>
>>>> Thanks
>>>> Azeez
>>>>
>>>>
>>>>
>> ------------------------------**------------------------------**---------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<us...@tomcat.apache.org>
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Securing Tomcat cluster communication
Posted by Afkham Azeez <af...@gmail.com>.
On Wed, Nov 23, 2011 at 8:48 PM, Filip Hanik - Dev Lists <devlists@hanik.com
> wrote:
> On 10/6/2011 8:31 AM, Afkham Azeez wrote:
>
>> I had a look at the Tribes code. Can somebody please explain how
>> Channel.SEND_OPTIONS_SECURE works?
>>
> not yet implemented :(
>
What is the proper way of implementing this if I was to do it? Implement an
interceptor which will handle encryption/decryption? This is for Axis2
clustering which uses Tribes, so we could use the Tribes API.
>
>> > From the JavaDoc: SEND_OPTIONS_SECURE - Message is sent over an
>> encrypted
>> channel
>>
>> How is this encrypted channel setup? How do we define the keys/keystores
>> etc?
>>
>>
>> On Thu, Oct 6, 2011 at 7:47 PM, Afkham Azeez<af...@gmail.com> wrote:
>>
>> Hi folks,
>>> Is there a way to do authentication in Tribes when new members try to
>>> join
>>> a cluster so that unauthorized nodes cannot join in? Also, when
>>> clustering
>>> messages are sent back& forth, how do we ensure security?
>>>
>>> Thanks
>>> Azeez
>>>
>>>
>>>
>>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<us...@tomcat.apache.org>
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
*Afkham Azeez*
Director of Architecture; WSO2, Inc.; http://wso2.com,
*Member; Apache Software Foundation;
**http://www.apache.org/*<http://www.apache.org/>
*
*
*email: **azeez@wso2.com* <az...@wso2.com>* cell: +94 77 3320919
blog: **http://blog.afkham.org* <http://blog.afkham.org>*
twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez>
*
linked-in: **http://lk.linkedin.com/in/afkhamazeez*
*
*
*Lean . Enterprise . Middleware*
*
*