Re: SSL Secure Endpoints never fully utilised by River services

Right, so I've added a couple of convenience methods to net.jini.security.Security Now all service implementations capture their context at creation and executors run with that context, when performing remote calls. /** * Decorates a callable with the given context, and allows it to be

Re: SSL Secure Endpoints never fully utilised by River services

There are lots of details around lost login context. I had to wire up some of that in my swing/awt infrastructure. This is required so that those event/callbacks also assert the right credentials. Gregg Sent from my iPhone > On Apr 21, 2018, at 1:06 AM, Peter wrote: > >

Re: SSL Secure Endpoints never fully utilised by River services

To be more accurate it limits the call backs to anon client connections, which is vulnerable to man in the middle attacks. The way to fix this is to ensure the login context is preserved and utilised when making call backs. On 21/04/2018 9:57 AM, Peter wrote: It's clear to me now that the