Chapter 21 Using SSL in ActiveX Clients

Establishing a secure session

To create a secure session between your Java application and the Jaguar server, you must configure SSL settings before using one of the standard techniques to instantiate proxies for the Jaguar components.

You can configure the settings required for SSL connections using two techniques:

• By setting ORB properties When using this technique, the required SSL settings must be known in advance, and your application can connect only to servers that use certificates issued by a known, trusted certificate authority.
• By using the SSLServiceProvider interface The SSLServiceProvider interface allows your application to determine what options are available at runtime. In addition, you can supply a callback class with methods that supply settings as needed and respond to exceptional cases. For example, the client ORB invokes callback methods if the application specifies an invalid certificate password or if a connection is made to a server that uses certificate issued by an unknown certificate authority.

Applications that run without user interaction typically configure SSL settings with the ORB properties. Interactive applications typically use the SSLServiceProvider interface and install a callback. When a callback is installed, you can rely on user interaction in the callback methods to configure necessary settings. For example, if the certificate password has not been supplied, the ORB invokes the getPin callback method.

If you have correctly configured the required SSL settings, then you can use any of the standard techniques to instantiate proxies as described in "Instantiating proxies using CORBA-style interfaces". Proxies are created in a secure session as long as you connect to a listener that supports the requested level of security.

The following sections describe these topics in detail:

• "Using the SSLServiceProvider interface" describes how to instantiate a proxy for the SSLServiceProvider interface.
• "SSL properties" summarizes the SSL settings and lists the ORB property and SSLServiceProvider properties for each setting.
• "Implementing an SSL callback" describes how to implement an SSL callback class.

Copyright © 2000 Sybase, Inc. All rights reserved.