A
Andreas Leitgeb
We've got a network application with Java-GUI (Java Webstart)
and a C++ server with TAO currently talking GIOP/IIOP.
Now, we have to consider switching IIOP to SSLIOP.
Tao got recompiled with ssl-support according to guides
on the net, and our app got recompiled for ssl-enabled TAO.
It was my naive hope, that once the corba-server was using
SSLIOP, then the IOR-file would contain "everything" the client
needs to know in order to speak SSLIOP to the server, yet it
seems it doesn't - or the Java-Client needs some preparation,
as well.
According to wireshark, the corba-client still sends its request
in cleartext. the server answers two packets: one with just binary
data and a cleartext one, saying IDL
mg.org/CORBA/NO_PERMISSION:1.0
Of course, the problem happened already before: when the client
sent cleartext in the first place.
I have googled for "Corba ssliop java" but couldn't find a relevant
one among all the hits. Probably some extra keyword that would restrict
the search to the Java standard library's Corba implementation
would help me (does it have a name?). I even happily accept "lmgtfy"-
urls, if they contain helpful keywords besides those already mentioned.
Also, I'd be happy to know, if it really ought to work out of the
box on Java's side of Corba, (which would imply something was still
wrong with the server-side configuration). Could someone point me to
a public IOR-file (or even mail me an intranet one, whose server I
cannot reach, anyway) that correctly makes Java's standard Corba-impl
initially speak SSLIOP to the server? Don't bother about actual
credentials: just so I can compare it structurally to the IOR
produced from my server.
Thanks in advance!
and a C++ server with TAO currently talking GIOP/IIOP.
Now, we have to consider switching IIOP to SSLIOP.
Tao got recompiled with ssl-support according to guides
on the net, and our app got recompiled for ssl-enabled TAO.
It was my naive hope, that once the corba-server was using
SSLIOP, then the IOR-file would contain "everything" the client
needs to know in order to speak SSLIOP to the server, yet it
seems it doesn't - or the Java-Client needs some preparation,
as well.
According to wireshark, the corba-client still sends its request
in cleartext. the server answers two packets: one with just binary
data and a cleartext one, saying IDL
mg.org/CORBA/NO_PERMISSION:1.0Of course, the problem happened already before: when the client
sent cleartext in the first place.
I have googled for "Corba ssliop java" but couldn't find a relevant
one among all the hits. Probably some extra keyword that would restrict
the search to the Java standard library's Corba implementation
would help me (does it have a name?). I even happily accept "lmgtfy"-
urls, if they contain helpful keywords besides those already mentioned.
Also, I'd be happy to know, if it really ought to work out of the
box on Java's side of Corba, (which would imply something was still
wrong with the server-side configuration). Could someone point me to
a public IOR-file (or even mail me an intranet one, whose server I
cannot reach, anyway) that correctly makes Java's standard Corba-impl
initially speak SSLIOP to the server? Don't bother about actual
credentials: just so I can compare it structurally to the IOR
produced from my server.
Thanks in advance!