You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Diego Castillo <di...@inexbee.com> on 2003/05/07 16:38:54 UTC
Using Cryptix within a mailet
Hi all,
I am trying to use cryptix Security Provider within a mailet. I am
having trouble with the Phoenix JRE, which is not the same as the JRE of
a standalone application.
In a standalone application I need to modify
JRE/lib/security/java.security in order to add the CryptixCrypto
Security Provider. I copy the cryptix .jar file to JRE/lib/ext as well.
This does not work with James. I need to include the cryptix .jar file
inside my james.sar file, and I need to register the CryptixCrypto
Security Provider programmatically.
Why are my JRE settings being ignored within Phoenix?
Is there another way to add a Security Provider for a mailet?
The only Security Providers that I get by default are: SUN, SunJSSE,
SunRsaSign and SunJGSS. This does not correspond to my java.security
file. Which one is being used? My JVM is Sun 1.4.1_01 under W2K SP3.
Regards,
Diego
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE : RE : Using Cryptix within a mailet
Posted by Diego Castillo <di...@inexbee.com>.
Hi Peter,
You got it right!
I put my .jar file $PHOENIX_HOME/lib and the CryptixCrypto provider is
there. I do not need to remove -Djava.security.policy from run.bat, as
it does not override the JRE's java.security file.
Thanks a lot for your valuable help.
Diego
-----Message d'origine-----
De : Peter Royal [mailto:proyal@apache.org]
Envoye : mercredi 7 mai 2003 18:59
A : Diego Castillo
Cc : 'Avalon Developers List'; James List
Objet : Re: RE : Using Cryptix within a mailet
On Wednesday, May 7, 2003, at 12:49 PM, Diego Castillo wrote:
> Thanks for your suggestions, but I still need to add the provider
> programmatically.
>
> Putting the .jar file in $PHOENIX_HOME/lib instead of
> james.sar!/SAR-INF/lib looks equivalent to me. This is not really an
> issue.
Does your line JRE/lib/security/java.security work if the jar is in
$PHOENIX_HOME/lib ?
My line of thinking is:
JVM starts up, reads java.security, sees your line, attempts to load
the provider via the classpath (including java.ext.dirs), and since the
class is not in the classpath, it bails.
So maybe by making the jar available in java.ext.dirs
($PHOENIX_HOME/lib), the line in java.security will take hold.
-pete
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org
RE : RE : Using Cryptix within a mailet
Posted by Diego Castillo <di...@inexbee.com>.
Hi Peter,
You got it right!
I put my .jar file $PHOENIX_HOME/lib and the CryptixCrypto provider is
there. I do not need to remove -Djava.security.policy from run.bat, as
it does not override the JRE's java.security file.
Thanks a lot for your valuable help.
Diego
-----Message d'origine-----
De : Peter Royal [mailto:proyal@apache.org]
Envoye : mercredi 7 mai 2003 18:59
A : Diego Castillo
Cc : 'Avalon Developers List'; James List
Objet : Re: RE : Using Cryptix within a mailet
On Wednesday, May 7, 2003, at 12:49 PM, Diego Castillo wrote:
> Thanks for your suggestions, but I still need to add the provider
> programmatically.
>
> Putting the .jar file in $PHOENIX_HOME/lib instead of
> james.sar!/SAR-INF/lib looks equivalent to me. This is not really an
> issue.
Does your line JRE/lib/security/java.security work if the jar is in
$PHOENIX_HOME/lib ?
My line of thinking is:
JVM starts up, reads java.security, sees your line, attempts to load
the provider via the classpath (including java.ext.dirs), and since the
class is not in the classpath, it bails.
So maybe by making the jar available in java.ext.dirs
($PHOENIX_HOME/lib), the line in java.security will take hold.
-pete
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: RE : Using Cryptix within a mailet
Posted by Peter Royal <pr...@apache.org>.
On Wednesday, May 7, 2003, at 12:49 PM, Diego Castillo wrote:
> Thanks for your suggestions, but I still need to add the provider
> programmatically.
>
> Putting the .jar file in $PHOENIX_HOME/lib instead of
> james.sar!/SAR-INF/lib looks equivalent to me. This is not really an
> issue.
Does your line JRE/lib/security/java.security work if the jar is in
$PHOENIX_HOME/lib ?
My line of thinking is:
JVM starts up, reads java.security, sees your line, attempts to load
the provider via the classpath (including java.ext.dirs), and since the
class is not in the classpath, it bails.
So maybe by making the jar available in java.ext.dirs
($PHOENIX_HOME/lib), the line in java.security will take hold.
-pete
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org
Re: RE : Using Cryptix within a mailet
Posted by Peter Royal <pr...@apache.org>.
On Wednesday, May 7, 2003, at 12:49 PM, Diego Castillo wrote:
> Thanks for your suggestions, but I still need to add the provider
> programmatically.
>
> Putting the .jar file in $PHOENIX_HOME/lib instead of
> james.sar!/SAR-INF/lib looks equivalent to me. This is not really an
> issue.
Does your line JRE/lib/security/java.security work if the jar is in
$PHOENIX_HOME/lib ?
My line of thinking is:
JVM starts up, reads java.security, sees your line, attempts to load
the provider via the classpath (including java.ext.dirs), and since the
class is not in the classpath, it bails.
So maybe by making the jar available in java.ext.dirs
($PHOENIX_HOME/lib), the line in java.security will take hold.
-pete
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE : Using Cryptix within a mailet
Posted by Diego Castillo <di...@inexbee.com>.
Hi Peter,
Thanks for your suggestions, but I still need to add the provider
programmatically.
Putting the .jar file in $PHOENIX_HOME/lib instead of
james.sar!/SAR-INF/lib looks equivalent to me. This is not really an
issue.
Removing -Djava.security.policy from run.bat did not solve the problem.
In this file, I need to append a line in order to declare a new Security
Provider:
security.provider.6=cryptix.jce.provider.CryptixCrypto
Otherwise, I need to add it programmatically:
Security.addProvider(new cryptix.jce.provider.CryptixCrypto());
I found this workaround in one of the James' proposals:
org.apache.james.smtpserver.SaslProfile
Regards,
Diego
-----Message d'origine-----
De : Peter Royal [mailto:proyal@apache.org]
Envoye : mercredi 7 mai 2003 17:40
A : Avalon Developers List
Cc : James Users List
Objet : Re: Using Cryptix within a mailet
On Wednesday, May 7, 2003, at 11:30 AM, Noel J. Bergman wrote:
> I am trying to use cryptix Security Provider within a mailet. I am
> having trouble with the Phoenix JRE, which is not the same as the JRE
> of
> a standalone application.
It is the same, just some extra command-line parameters added :)
> In a standalone application I need to modify
> JRE/lib/security/java.security in order to add the CryptixCrypto
> Security Provider. I copy the cryptix .jar file to JRE/lib/ext as
well.
>
> This does not work with James. I need to include the cryptix .jar file
> inside my james.sar file, and I need to register the CryptixCrypto
> Security Provider programmatically.
>
> Why are my JRE settings being ignored within Phoenix?
> Is there another way to add a Security Provider for a mailet?
Your lib/ext is being ignored because phoenix puts
"-Djava.ext.dirs=$PHOENIX_HOME/lib" on the command line for the JVM.
You should be able to put your jar in $PHOENIX_HOME/lib and have it
recognized by your application.
As for the java.security file, what all is in there? The only
"override" that may apply to that is:
-Djava.security.policy=jar:file:$PHOENIX_HOME/bin/phoenix-loader.jar!/
META-INF/java.policy
on the JVM command line. Can you remove that and have it work?
-pete
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org
RE: Using Cryptix within a mailet
Posted by "Noel J. Bergman" <no...@devtech.com>.
> On Wednesday, May 7, 2003, at 11:30 AM, Noel J. Bergman wrote:
Actually, Diego wrote ... :-) I just re-directed it.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org
Re: Using Cryptix within a mailet
Posted by Peter Royal <pr...@apache.org>.
On Wednesday, May 7, 2003, at 11:30 AM, Noel J. Bergman wrote:
> I am trying to use cryptix Security Provider within a mailet. I am
> having trouble with the Phoenix JRE, which is not the same as the JRE
> of
> a standalone application.
It is the same, just some extra command-line parameters added :)
> In a standalone application I need to modify
> JRE/lib/security/java.security in order to add the CryptixCrypto
> Security Provider. I copy the cryptix .jar file to JRE/lib/ext as well.
>
> This does not work with James. I need to include the cryptix .jar file
> inside my james.sar file, and I need to register the CryptixCrypto
> Security Provider programmatically.
>
> Why are my JRE settings being ignored within Phoenix?
> Is there another way to add a Security Provider for a mailet?
Your lib/ext is being ignored because phoenix puts
"-Djava.ext.dirs=$PHOENIX_HOME/lib" on the command line for the JVM.
You should be able to put your jar in $PHOENIX_HOME/lib and have it
recognized by your application.
As for the java.security file, what all is in there? The only
"override" that may apply to that is:
-Djava.security.policy=jar:file:$PHOENIX_HOME/bin/phoenix-loader.jar!/
META-INF/java.policy
on the JVM command line. Can you remove that and have it work?
-pete
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: Using Cryptix within a mailet
Posted by Peter Royal <pr...@apache.org>.
On Wednesday, May 7, 2003, at 11:30 AM, Noel J. Bergman wrote:
> I am trying to use cryptix Security Provider within a mailet. I am
> having trouble with the Phoenix JRE, which is not the same as the JRE
> of
> a standalone application.
It is the same, just some extra command-line parameters added :)
> In a standalone application I need to modify
> JRE/lib/security/java.security in order to add the CryptixCrypto
> Security Provider. I copy the cryptix .jar file to JRE/lib/ext as well.
>
> This does not work with James. I need to include the cryptix .jar file
> inside my james.sar file, and I need to register the CryptixCrypto
> Security Provider programmatically.
>
> Why are my JRE settings being ignored within Phoenix?
> Is there another way to add a Security Provider for a mailet?
Your lib/ext is being ignored because phoenix puts
"-Djava.ext.dirs=$PHOENIX_HOME/lib" on the command line for the JVM.
You should be able to put your jar in $PHOENIX_HOME/lib and have it
recognized by your application.
As for the java.security file, what all is in there? The only
"override" that may apply to that is:
-Djava.security.policy=jar:file:$PHOENIX_HOME/bin/phoenix-loader.jar!/
META-INF/java.policy
on the JVM command line. Can you remove that and have it work?
-pete
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org
RE: Using Cryptix within a mailet
Posted by "Noel J. Bergman" <no...@devtech.com>.
Diego,
This is a question best raised with Avalon, and CC'd to James.
--- Noel
-----Original Message-----
From: Diego Castillo [mailto:diego.castillo@inexbee.com]
Sent: Wednesday, May 07, 2003 10:39
To: james-user@jakarta.apache.org
Subject: Using Cryptix within a mailet
Hi all,
I am trying to use cryptix Security Provider within a mailet. I am
having trouble with the Phoenix JRE, which is not the same as the JRE of
a standalone application.
In a standalone application I need to modify
JRE/lib/security/java.security in order to add the CryptixCrypto
Security Provider. I copy the cryptix .jar file to JRE/lib/ext as well.
This does not work with James. I need to include the cryptix .jar file
inside my james.sar file, and I need to register the CryptixCrypto
Security Provider programmatically.
Why are my JRE settings being ignored within Phoenix?
Is there another way to add a Security Provider for a mailet?
The only Security Providers that I get by default are: SUN, SunJSSE,
SunRsaSign and SunJGSS. This does not correspond to my java.security
file. Which one is being used? My JVM is Sun 1.4.1_01 under W2K SP3.
Regards,
Diego
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Using Cryptix within a mailet
Posted by "Noel J. Bergman" <no...@devtech.com>.
Diego,
This is a question best raised with Avalon, and CC'd to James.
--- Noel
-----Original Message-----
From: Diego Castillo [mailto:diego.castillo@inexbee.com]
Sent: Wednesday, May 07, 2003 10:39
To: james-user@jakarta.apache.org
Subject: Using Cryptix within a mailet
Hi all,
I am trying to use cryptix Security Provider within a mailet. I am
having trouble with the Phoenix JRE, which is not the same as the JRE of
a standalone application.
In a standalone application I need to modify
JRE/lib/security/java.security in order to add the CryptixCrypto
Security Provider. I copy the cryptix .jar file to JRE/lib/ext as well.
This does not work with James. I need to include the cryptix .jar file
inside my james.sar file, and I need to register the CryptixCrypto
Security Provider programmatically.
Why are my JRE settings being ignored within Phoenix?
Is there another way to add a Security Provider for a mailet?
The only Security Providers that I get by default are: SUN, SunJSSE,
SunRsaSign and SunJGSS. This does not correspond to my java.security
file. Which one is being used? My JVM is Sun 1.4.1_01 under W2K SP3.
Regards,
Diego
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@avalon.apache.org
For additional commands, e-mail: dev-help@avalon.apache.org