You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@velocity.apache.org by Manvendra Baghel <ma...@yahoo.com> on 2005/08/19 16:03:26 UTC
Client Authentication in XML RPC
Hi friends,
I am working on Turbine 2.3 and velocity.
I am trying to implement xml rpc in Brihaspati e LMS
I am unable to decide how to go in for client
authentication.
Turbine xml-rpc service use file handler methods
get/ send for handling files.But they are not secure
Any one can access files by them.
MY PROBLEM IS THIS:
I HAVE LIST OF IP ADDRESSES AND I WANT THAT ONLY THEY
SHOULD ACCESS MY FILES .
for that how to work with
TurbineResouces.properties
is not clear.
My property file is below
services.XmlRpcService.handler.file =
org.apache.turbine.services.xmlrpc.util.FileHandler
services.XmlRpcService.handler.remote =
org.iitk.brihaspati.modules.utils.RemoteCourseUtil
services.XmlRpcService.handler.remote1 =
org.iitk.brihaspati.modules.utils.RemoteCourseUtilServer
services.XmlRpcService.paranoid = true
services.XmlRpcService.acceptClient = 172.28.44.*
services.XmlRpcService.denyClient =
# Do we want a secure server
services.XmlRpcService.secure.server = false
# Secure server options
services.XmlRpcService.secure.server.option.java.protocol.handler.pkgs
= \
com.sun.net.ssl.internal.www.protocol
services.XmlRpcService.secure.server.option.security.provider
= \
com.sun.net.ssl.internal.ssl.Provider
services.XmlRpcService.secure.server.option.security.protocol
= TLS
# You probably want to keep your key stores and trust
stores
# clear out of your webapp.
services.XmlRpcService.secure.server.option.javax.net.ssl.keyStore
= /tmp/keystore
services.XmlRpcService.secure.server.option.javax.net.ssl.keyStoreType
= jks
services.XmlRpcService.secure.server.option.javax.net.ssl.keyStorePassword
= password
services.XmlRpcService.secure.server.option.javax.net.ssl.trustStore
= /tmp/truststore
services.XmlRpcService.secure.server.option.javax.net.ssl.trustStoreType
= jks
services.XmlRpcService.secure.server.option.javax.net.ssl.trustStorePassword
= password
services.XmlRpcService.secure.server.option.sun.ssl.keymanager.type
= SunX509
services.XmlRpcService.secure.server.option.sun.ssl.trust.manager.type
= SunX509
# These values should be set to 'all' for debugging
purposes.
services.XmlRpcService.secure.server.option.javax.net.debug
= all
services.XmlRpcService.secure.server.option.java.security.debug
= all
ONE OF MY PROBLEM IS WHEN I SET
services.XmlRpcService.secure.server = true
Xml rpc call fails
HOW TO USE SECURE SERVER OPTION......
Thanks for help in advance
cheers
Manav
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: velocity-user-help@jakarta.apache.org
Re: Client Authentication in XML RPC
Posted by Nathan Bubna <nb...@gmail.com>.
Hi Manvendra,
Since this question doesn't actually have anything to do with Velocity
or Turbine's VelocityService, you'll be a lot more likely to find
someone who can help you answer it on the turbine-user mailing list.
I suggest you try asking it there.
Thanks!
On 8/19/05, Manvendra Baghel <ma...@yahoo.com> wrote:
> Hi friends,
> I am working on Turbine 2.3 and velocity.
> I am trying to implement xml rpc in Brihaspati e LMS
> I am unable to decide how to go in for client
> authentication.
> Turbine xml-rpc service use file handler methods
> get/ send for handling files.But they are not secure
> Any one can access files by them.
> MY PROBLEM IS THIS:
> I HAVE LIST OF IP ADDRESSES AND I WANT THAT ONLY THEY
> SHOULD ACCESS MY FILES .
> for that how to work with
> TurbineResouces.properties
> is not clear.
> My property file is below
>
> services.XmlRpcService.handler.file =
> org.apache.turbine.services.xmlrpc.util.FileHandler
> services.XmlRpcService.handler.remote =
> org.iitk.brihaspati.modules.utils.RemoteCourseUtil
> services.XmlRpcService.handler.remote1 =
> org.iitk.brihaspati.modules.utils.RemoteCourseUtilServer
> services.XmlRpcService.paranoid = true
> services.XmlRpcService.acceptClient = 172.28.44.*
> services.XmlRpcService.denyClient =
>
> # Do we want a secure server
>
> services.XmlRpcService.secure.server = false
>
> # Secure server options
>
> services.XmlRpcService.secure.server.option.java.protocol.handler.pkgs
> = \
> com.sun.net.ssl.internal.www.protocol
>
> services.XmlRpcService.secure.server.option.security.provider
> = \
> com.sun.net.ssl.internal.ssl.Provider
>
> services.XmlRpcService.secure.server.option.security.protocol
> = TLS
>
> # You probably want to keep your key stores and trust
> stores
> # clear out of your webapp.
>
> services.XmlRpcService.secure.server.option.javax.net.ssl.keyStore
> = /tmp/keystore
> services.XmlRpcService.secure.server.option.javax.net.ssl.keyStoreType
> = jks
> services.XmlRpcService.secure.server.option.javax.net.ssl.keyStorePassword
> = password
> services.XmlRpcService.secure.server.option.javax.net.ssl.trustStore
> = /tmp/truststore
> services.XmlRpcService.secure.server.option.javax.net.ssl.trustStoreType
> = jks
> services.XmlRpcService.secure.server.option.javax.net.ssl.trustStorePassword
> = password
>
> services.XmlRpcService.secure.server.option.sun.ssl.keymanager.type
> = SunX509
> services.XmlRpcService.secure.server.option.sun.ssl.trust.manager.type
> = SunX509
>
> # These values should be set to 'all' for debugging
> purposes.
>
> services.XmlRpcService.secure.server.option.javax.net.debug
> = all
> services.XmlRpcService.secure.server.option.java.security.debug
> = all
>
>
> ONE OF MY PROBLEM IS WHEN I SET
> services.XmlRpcService.secure.server = true
>
> Xml rpc call fails
>
> HOW TO USE SECURE SERVER OPTION......
>
> Thanks for help in advance
>
> cheers
> Manav
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: velocity-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: velocity-user-help@jakarta.apache.org