Thanks James.
In this particular case, the first problem I was trying to solve was simply allowing a Lingo client to relax/control the TLS/SSL certificate acceptance criteria. Using the ssl:// transport, the SslTransportFactory that ships with ActiveMQ simply returns the default SSLContext which will get initialised with the Java standard Key & Trust managers and I couldn't find a way to override this. My simple solution for now was to register a new transport provider that returns a server and client socket factory from an SSL context that we initialize with custom key store trust manager, like this:


import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;

import javax.net.ServerSocketFactory;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;

import org.apache.activemq.transport.tcp.TcpTransportFactory;

/**
 * An implementation of the TCP Transport using SSL with a key manager set up
 * to use a custom key manager {@link ObservantTrustManager}
 *
 * @version $Revision: $
 */
public class SslTransportFactory extends TcpTransportFactory {

        SSLSocketFactory socketFactory;

        SSLServerSocketFactory serverSocketFactory;

        public SslTransportFactory() {
                TrustManager[] myTM;
                try {
                        // The custom trust manager that consults the user
                        // before accepting an unknown certificate.
                        myTM = new TrustManager[] { new ObservantTrustManager(null) };
                        KeyManagerFactory kmf;
                        KeyStore ks;
                        // Passphrase for the bundled key store (hard-coded in the posted code).
                        char[] passphrase = "obstorepass".toCharArray();

                        SSLContext ctx = SSLContext.getInstance("TLS");
                        kmf = KeyManagerFactory.getInstance("SunX509");
                        ks = KeyStore.getInstance("JKS");

                        // Load our own key store from the classpath rather than
                        // the JVM default one.
                        ks.load(SslTransportFactory.class.getResourceAsStream("/observant.ks"), passphrase);
                        kmf.init(ks, passphrase);

                        // Our key managers, our trust manager, default SecureRandom.
                        ctx.init(kmf.getKeyManagers(), myTM, null);

                        socketFactory = ctx.getSocketFactory();
                        serverSocketFactory = ctx.getServerSocketFactory();

                } catch (GeneralSecurityException e) {
                        // Covers NoSuchAlgorithm, KeyStore, KeyManagement,
                        // Certificate and UnrecoverableKey exceptions.
                        throw new IllegalStateException("Failed to set up trust manager", e);
                } catch (IOException e) {
                        throw new IllegalStateException("Failed to set up trust manager", e);
                }

        }

        protected ServerSocketFactory createServerSocketFactory() {
                return serverSocketFactory;
        }

        protected SocketFactory createSocketFactory() {
                return socketFactory;
        }

}

It's a rough workaround but for now it will serve the purpose of allowing our trust manager to interact with the user to authorise the connection attempt. I realise that this does nothing with respect to security on each end of the connection, but simply ensures the channel is not easily intercepted.

Thanks,
Matthew
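The thread does not include the source of ObservantTrustManager itself. The following is an added example (not code from this thread or from ActiveMQ/Lingo) of the kind of X509TrustManager such a factory could plug in: it first defers to the JVM's default trust store, and only for chains the default rejects does it compute the leaf certificate's SHA-256 fingerprint and hand the decision to an approval callback, remembering approvals for the rest of the session. Client-certificate checks are never relaxed. The class and interface names (ApprovingTrustManager, Approver) are assumptions for the illustration.

```java
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/** Added example trust manager (hypothetical name): default trust first, then ask. */
public class ApprovingTrustManager implements X509TrustManager {

    /** Hypothetical callback: decides whether an untrusted server chain may be used. */
    public interface Approver {
        boolean approve(X509Certificate[] chain, String sha256Fingerprint);
    }

    private final X509TrustManager defaultTm;
    private final Approver approver;
    // Fingerprints already approved during this JVM session.
    private final Set<String> approved = Collections.synchronizedSet(new HashSet<String>());

    public ApprovingTrustManager(Approver approver) throws GeneralSecurityException {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null key store selects the JVM default trust store
        X509TrustManager found = null;
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                found = (X509TrustManager) tm;
                break;
            }
        }
        if (found == null) {
            throw new GeneralSecurityException("no X509TrustManager available");
        }
        this.defaultTm = found;
        this.approver = approver;
    }

    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        try {
            defaultTm.checkServerTrusted(chain, authType);
            return; // chains to a trusted CA: accept without asking
        } catch (CertificateException notTrusted) {
            if (chain == null || chain.length == 0) {
                throw notTrusted;
            }
            X509Certificate leaf = chain[0];
            leaf.checkValidity(); // expired or not-yet-valid certs are still rejected
            String fp = fingerprint(leaf);
            if (approved.contains(fp) || approver.approve(chain, fp)) {
                approved.add(fp);
                return;
            }
            throw new CertificateException("server certificate " + fp + " was not approved", notTrusted);
        }
    }

    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        defaultTm.checkClientTrusted(chain, authType); // client auth is not relaxed
    }

    public X509Certificate[] getAcceptedIssuers() {
        return defaultTm.getAcceptedIssuers();
    }

    /** Lower-case hex SHA-256 of the DER encoding, the value a user can compare out of band. */
    static String fingerprint(X509Certificate cert) throws CertificateException {
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getEncoded());
            StringBuilder sb = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                sb.append(String.format("%02x", b));
            }
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new CertificateException(e);
        }
    }

    /** Usage: build an SSLContext the way the factory in the thread does. */
    public static void main(String[] args) throws Exception {
        Approver prompt = new Approver() {
            public boolean approve(X509Certificate[] chain, String fp) {
                // Constructed stand-in for a user prompt; a real client would ask here.
                System.out.println("Unknown server certificate "
                        + chain[0].getSubjectX500Principal() + " sha256=" + fp);
                return false;
            }
        };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { new ApprovingTrustManager(prompt) }, null);
        System.out.println("socket factory ready: " + (ctx.getSocketFactory() != null));
    }
}
```

In the factory posted above this would replace `new ObservantTrustManager(null)`; the key managers are unchanged. Deferring to the default manager first keeps the normal CA path working, and showing the fingerprint rather than a bare accept/reject gives the user something to verify out of band.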


On 14/02/2007, at 9:37 PM, James Strachan wrote:

On 2/14/07, J. Matthew Pryor <[EMAIL PROTECTED]> wrote:
We are using SSL to allow clients and servers to connect together
with Lingo doing the actual RPC mechanism on top of ActiveMQ (no
persistent store).

I have read http://activemq.apache.org/how-do-i-use-ssl.html and this
is fine if all the certificates are known before the JVM starts up,
but we need to be able to allow new certificates at any time (with
user interaction/authorisation).

I haven't had a lot of luck looking for more information on how to
set up certificate providers etc to allow for dynamic checking of
certificates prior to connection.

The major benefit we want is that the client can dynamically decide
if it wants to allow a connection, but once the connection is
established it has all the benefits of an SSL connection.

Pointers appreciated

There's not a whole lot of documentation available, since no one's ever
tried this I'm afraid :)

The best starting point is here...
http://activemq.apache.org/security.html

I've just tacked on a little section at the end to describe how to
write your own custom security plugin (it'll take 1-2 hours for the
site to update, so here's the wiki until then...)
http://cwiki.apache.org/confluence/display/ACTIVEMQ/Security

--

James
-------
http://radio.weblogs.com/0112098/
