Hi,
I'm new to this list and XMLRPC. It's taking me some time to fully digest
XMLRPC 3 and how everything fits together, and I figured it's time to swallow
my pride and see if I can get a nudge in the best direction.
My client will exclusively be an XmlRpcClient object. For the server side,
it's kind of two-pronged. In production, I plan on using Apache/Tomcat (so
I'll write some servlets that extend XmlRpcServlet and the needed handlers as
well, then just set up web.xml to know where the servlets are). I also need to
be able to have a stand-alone server for testing, and for that,
ServletWebServer should work perfectly.
So far so good with that aspect, in fact, I've written some prototype code, and
it all seems to work just fine.
The area I'm stuck with has to do with data encryption. All of the payload
(but not necessarily the HTTP headers themselves) need to be encrypted in a way
that they can't be decrypted. I've messed around with SSL, but was hoping to
be able to do something simpler. I've assumed (but I could be wrong) that a
simpler approach would be to avoid SSL/cert/key pain and just encrypt at the
proper point during transmission and decrypt at the proper point during
receiving (possibly using a shared key since I control both sides). But in
looking at the javadoc, it's not immediately obvious to me where I'd put such
code or what I'd need to extend.
Can someone steer me in the right direction? I'm not opposed to SSL at this
point, I just want to find the simplest but proper way to proceed.
Thanks,
Mike Boyers
