jGuru
Register Email     Password Forgot your
password?
HOME FAQS FORUMS DOWNLOADS ARTICLES PEERSCOPE LEARN

  Search   jGuru Search Help

View:
Security FAQ Home Page

FAQ Manager is guru Govind Seshadri PREMIUM.

The Java architecture is very security concious. From the standard Java Cryptography Architecture (JCA) to the Java Crytography Extension (JCE) and beyond, you can build secure enterprise applications. [FAQ Previously managed by John Mitchell and Lennart Jorelid.]

What's New

What is the ktab tool that comes with the JDK?
Java:API:Security
John Zukowski PREMIUM, Sep 28, 2007
The ktab command-line tool is for Kerberos ticket management. Specifically, it is used to help manage entires in the key table. Solaris users can also...
What is the klist tool that comes with the JDK?
Java:API:Security
John Zukowski PREMIUM, Sep 28, 2007
The klist command-line tool is for Kerberos ticket management. Specifically, it is used to list entries in the credential cache and key table.
I have been trying to find a way not only to get the user certificate info - i.e. Authentication via DigitalID, but also to have a digest of the request, signed by the client (Web Browser Only - not the...
Java:API:Security, Java:API:Servlets:Security
Alex Chaffee PREMIUM, Feb 28, 2002
That's an interesting question. I'm pretty sure the answer is "no," at least not without hacking the server. The request *is* signed by the client, ...

We have a small lightweighted applet which establishes a network connection, sends an http request to some server, and receives a reply in xml format. The sandbox principle does not allow us to connect...
Java:API:Security
Jay Meyer, Jan 30, 2002
No. An applet can never connect to another machine. This is a fundamental "sandbox" issue. As long as you use an applet (and not a full-blown non-applet...
I have a simple JDBC connection to Oracle using Oracle's thin JDBC driver which works great. Now I would like to modify my program so that the data I send to the DB is encrypted. The readme notes...
Java:API:Security
Jay Meyer, Jan 30, 2002
Oracle Technet has all the docs online for free. You will need to register at technet.oracle.com. Here's the link I found. It spells out how to use...
I've got an text password and a string passed to me encrypted with Perl using Blowfish. I am using bouncycastle and cannot figure out how to make a SecretKey and PBEParameterSpec so that I can decrypt...
Java:API:Security
Steve McRoberts, Jan 30, 2002
In case someone else runs into this: Most important Blowfish != Blowfish. There are several methods of creating the initialization vector and handling...
Where can I get a list of good code obfuscators currently available?
Java:API:Security
Alessandro A. Garbagnati PREMIUM, Jan 26, 2002
Here are some good obfuscators currently available: JProof JShrink JReveal CodeShield for Java Condensity Force5 KlassMaster
Need secure date based lisence protection that will allow me to kill execution of a servlet after x days without a new key. I need help building a lisence protection scheme into a servlet that will stop...
Java:API:Security
Eugene Kuleshov PREMIUM, Jan 22, 2002
I've been told that this feature is planned for Saffeine 1.1. It will be enable to protect web applications and their license already have expiration ...
How do I sign a JAR file using jarsigner?
Java:API:Security
Govind Seshadri PREMIUM, Dec 31, 2001
There are many ways by which you can sign a JAR file using jarsigner. One way would be: jarsigner -keystore C:\working\mystore -signedjar sbundle.jar...
What is Kerberos? Can I use it from Java?
Java:API:Security
Govind Seshadri PREMIUM, Dec 31, 2001
Kerberos is a trusted third party network authentication protocol, initially developed as a part of MIT's Project Athena. Kerberos was designed to provide...
Is there a Java API for PGP?
Java:API:Security
Govind Seshadri PREMIUM, Dec 31, 2001
Yes, there is an implementation available which provides methods for accessing PGP 2.3a. It interacts with PGP via JNI. The files generated with this...
We have installed a self-signed certificate for apache mod_ssl and JSSE examples complain about the security chain AND the names not being the same, and give an exception. How can we get around this? A...
Java:API:Security
Eelco Cramer PREMIUM, Dec 26, 2001
I found this solution (with code example) on the javasoft forums.
My domain name is assigned for a specific IP address(normal). Because in the same WebLogic server, in the same Unix box, under the same internal IP address are running 2 applications, if the http address...
Java:API:Security
Patrick Deloulay, Dec 21, 2001
The matching between the certificate and server hostname can be disbaled dynamically by adding this piece of code URL jsseUrl = new URL( "https",...
What signing tool to use if your applet needs to run in Microsoft Browser and netscape Browser?
Java:API:Security
Sandy McPherson, Nov 30, 2001
The following is an excerpt from java.sun.com http://java.sun.com/products/jsse/doc/guide/API_users_guide.html#TestInstall Creating a Certificates...
I am trying to cipher a string and am using weblogic6.0, when i run it as an application the code works, but not when i put it on the application server. Error msg it gives: <Error> <HTTP>...
Java:API:Security
Amol Sant, Nov 30, 2001
The JDK/JRE used by weblogic is different from the one that you use on the command line. Check the security file (java.security) for that JDK...
I've been trying to set up jaas authentication modules on the following : a) ATG b) WLS and c)JRun. WLS has built in JAAS support but the other two do not. Building JAAS auth decreases my work and...
Java:API:Security
Alan Ko, Nov 28, 2001
Here's how to set up JAAS in JRun: 1) Assuming you have a JAAS module just like the one at http://java.sun.com/j2se/1.4/docs/guide/security/jaa...
How can I encrypt XML documents and transmit them to a remote server?
Java:API:Security
Shiva dacherla, Nov 28, 2001
There is a tool from IBM which handles the Encryption/Decryption of XML documents. You can also do the encryption at element level. The name of the tool...
How do I pass an X509 certificate through cascading https servers? Background: I have a servlet running on web server that requires an X509 Certificate. The servlet needs to call several other URL's...
Java:API:Security
Rob Fielding, Nov 28, 2001
You can forward the certificate on to another tier,but the certificate itself doesn't actually do much unless you can challenge the certificate holder...
I need to receive PKCS12 files and obtain X509Certificates from them in order to extract information. How do I do this?
Java:API:Security
Berin Loritsch, Oct 29, 2001
Keytool can read PKCS12 files as generated by Netscape. It will treat them as a keystore. An example would be: keytool -list -rcs -keystore myfile.p12...
I am trying to import a private key generated outside of Java into my keystore with keytool. It seems logical to use the $keytool -import -file my.key -alias foo command, but I get an error...
Java:API:Security
Berin Loritsch, Oct 29, 2001
You can't import PKCS12 files. Period. However, they can be used AS a keystore.
« previous beginning next »


Ask A Question



Related Links

Security Forum

Java Security Home

Java Security Documentation

jGuru.com Fundamentals of Java Security tutorial

The Java Secure Socket Extension (JSSE) with SSL support

Wish List
Features
About jGuru
Contact Us

 




JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
Solutions
Whitepapers and eBooks
IBM Whitepaper: Innovative Collaboration to Advance Your Business
Internet.com eBook: Real Life Rails
Avaya Article: Call Control XML - Powerful, Standards-Based Call Control
Internet.com eBook: The Pros and Cons of Outsourcing
Go Parallel Article: Scalable Parallelism with Intel(R) Threading Building Blocks
Internet.com eBook: Best Practices for Developing a Web Site
IBM CXO Whitepaper: The 2008 Global CEO Study "The Enterprise of the Future"
Avaya Article: Call Control XML in Action - A CCXML Auto Attendant
Go Parallel Article: James Reinders on the Intel Parallel Studio Beta Program
IBM CXO Whitepaper: Unlocking the DNA of the Adaptable Workforce--The Global Human Capital Study 2008
Adobe Acrobat Connect Pro: Web Conferencing and eLearning Whitepapers
Go Parallel Article: Getting Started with TBB on Windows
HP eBook: Storage Networking , Part 1
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
Go Parallel Video: Intel(R) Threading Building Blocks: A New Method for Threading in C++
HP Video: Is Your Data Center Ready for a Real World Disaster?
Microsoft Partner Portal Video: Microsoft Gold Certified Partners Build Successful Practices
HP On Demand Webcast: Virtualization in Action
Go Parallel Video: Performance and Threading Tools for Game Developers
 Rackspace Hosting Center: Customer Videos
Intel vPro Developer Virtual Bootcamp
HP Disaster-Proof Solutions eSeminar
HP On Demand Webcast: Discover the Benefits of Virtualization
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
Microsoft Download: Silverlight 2 Software Development Kit Beta 2
30-Day Trial: SPAMfighter Exchange Module
Red Gate Download: SQL Toolbelt
Iron Speed Designer Application Generator
Microsoft Download: Silverlight 2 Beta 2 Runtime
MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
IBM IT Innovation Article: Green Servers Provide a Competitive Advantage
Microsoft Article: Expression Web 2 for PHP Developers--Simplify Your PHP Applications
 Featured Algorithm: Intel Threading Building Blocks - parallel_reduce
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES