Programmation RMI Sécurisée
Programmation RMI Sécurisée — 5 janvier 2012

D’après http://blogs.oracle.com/lmalventosa/entry/using_the_ssl_tls_based.

## A Code RMI de Base

### A.1 Les fichiers

**Hello.java**

```java
public interface Hello extends Remote {
    public String sayHello() throws RemoteException;
}
```

**HelloImpl.java**

```java
public class HelloImpl extends UnicastRemoteObject implements Hello {

    public HelloImpl() throws RemoteException {
        super();
    }

    public String sayHello() {
        return "Hello World!";
    }

    public static void main(String args[]) throws Exception {
        // Get reference to the RMI registry running on port 3000 in the local host
        Registry registry = LocateRegistry.getRegistry(null, 3000);
        // Bind this object instance to the name "HelloServer"
        HelloImpl obj = new HelloImpl();
        registry.bind("HelloServer", obj);
        System.out.println("HelloServer bound in registry");
    }
}
```

**HelloClient.java**

```java
public class HelloClient {

    public static void main(String args[]) throws Exception {
        // Get reference to the RMI registry running on port 3000 in the local host
        Registry registry = LocateRegistry.getRegistry(null, 3000);
        // Lookup the remote reference bound to the name "HelloServer"
        Hello obj = (Hello) registry.lookup("HelloServer");
        String message = obj.sayHello();
        System.out.println(message);
    }
}
```

**RmiRegistry.java**

```java
public class RmiRegistry {

    public static void main(String[] args) throws Exception {
        // Start RMI registry on port 3000
        LocateRegistry.createRegistry(3000);
        System.out.println("RMI registry running on port 3000");
        // Sleep forever
        Thread.sleep(Long.MAX_VALUE);
    }
}
```

### A.2 Les commandes

```
$ java RmiRegistry &
RMI registry running on port 3000
$ java HelloImpl &
HelloServer bound in registry
$ java HelloClient
Hello World!
```

## B Utilisation de SSLRMI*SocketFactory

### B.3 Nouveau code pour HelloImpl

**HelloImpl.java**

```java
public class HelloImpl extends UnicastRemoteObject implements Hello {

    public HelloImpl() throws RemoteException {
        super(0, new SslRMIClientSocketFactory(), new SslRMIServerSocketFactory());
    }

    public String sayHello() {
        return "Hello World!";
    }

    public static void main(String args[]) throws Exception {
        // Get reference to the RMI registry running on port 3000 in the local host
        Registry registry = LocateRegistry.getRegistry(null, 3000);
        // Bind this object instance to the name "HelloServer"
        HelloImpl obj = new HelloImpl();
        registry.bind("HelloServer", obj);
        System.out.println("HelloServer bound in registry");
    }
}
```

### B.4 Commandes

```
$ java -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword RmiRegistry &
RMI registry running on port 3000
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password HelloImpl &
HelloServer bound in registry
$ java -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword HelloClient
Hello World!
```

Remarque : passés ainsi en ligne de commande, les mots de passe du keystore et du truststore sont visibles dans la liste des processus et dans l'historique du shell ; hors TP, on les fournit autrement (par exemple via un fichier de propriétés à accès restreint).
## C Avec Authentification du Client

### C.5 Nouveau code

Le troisième argument de `SslRMIServerSocketFactory` (`needClientAuth`, ici `true`) fait exiger par le serveur un certificat client ; les deux `null` conservent les suites cryptographiques et les protocoles activés par défaut.

**HelloImpl.java**

```java
public class HelloImpl extends UnicastRemoteObject implements Hello {

    public HelloImpl() throws RemoteException {
        super(0, new SslRMIClientSocketFactory(), new SslRMIServerSocketFactory(null, null, true));
    }

    public String sayHello() {
        return "Hello World!";
    }

    public static void main(String args[]) throws Exception {
        // Get reference to the RMI registry running on port 3000 in the local host
        Registry registry = LocateRegistry.getRegistry(null, 3000);
        // Bind this object instance to the name "HelloServer"
        HelloImpl obj = new HelloImpl();
        registry.bind("HelloServer", obj);
        System.out.println("HelloServer bound in registry");
    }
}
```

### C.6 Commandes

```
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword RmiRegistry &
RMI registry running on port 3000
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword HelloImpl &
HelloServer bound in registry
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword HelloClient
Hello World!
```
## D Avec une Suite Cryptographique Précise

### D.7 Nouveau code

Remarque : `SSL_RSA_WITH_RC4_128_MD5` et `TLSv1` sont aujourd'hui obsolètes (RC4 est interdit dans TLS par la RFC 7465, TLS 1.0 est déprécié par la RFC 8996) et désactivés par défaut dans les JDK récents via `jdk.tls.disabledAlgorithms`. Pour reproduire l'exemple, remplacer ces valeurs, dans le code comme dans les commandes, par une suite et une version de protocole encore prises en charge par le JDK utilisé (par exemple `TLSv1.2` ou `TLSv1.3`).

**HelloImpl.java**

```java
public class HelloImpl extends UnicastRemoteObject implements Hello {

    public HelloImpl() throws RemoteException {
        super(0, new SslRMIClientSocketFactory(),
              new SslRMIServerSocketFactory(new String[] {"SSL_RSA_WITH_RC4_128_MD5"},
                                            new String[] {"TLSv1"}, true));
    }

    public String sayHello() {
        return "Hello World!";
    }

    public static void main(String args[]) throws Exception {
        // Get reference to the RMI registry running on port 3000 in the local host
        Registry registry = LocateRegistry.getRegistry(null, 3000);
        // Bind this object instance to the name "HelloServer"
        HelloImpl obj = new HelloImpl();
        registry.bind("HelloServer", obj);
        System.out.println("HelloServer bound in registry");
    }
}
```

### D.8 Commandes Associées

```
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword -Djavax.rmi.ssl.client.enabledCipherSuites=SSL_RSA_WITH_RC4_128_MD5 -Djavax.rmi.ssl.client.enabledProtocols=TLSv1 RmiRegistry &
RMI registry running on port 3000
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword HelloImpl &
HelloServer bound in registry
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword -Djavax.rmi.ssl.client.enabledCipherSuites=SSL_RSA_WITH_RC4_128_MD5 -Djavax.rmi.ssl.client.enabledProtocols=TLSv1 HelloClient
Hello World!
```

## E Protection du Registry

### E.9 Nouveau code

**HelloImpl.java**

```java
public class HelloImpl extends UnicastRemoteObject implements Hello {

    public HelloImpl() throws RemoteException {
        super(0, new SslRMIClientSocketFactory(), new SslRMIServerSocketFactory(null, null, true));
    }

    public String sayHello() {
        return "Hello World!";
    }

    public static void main(String args[]) throws Exception {
        // Get reference to the RMI registry running on port 3000 in the local host
        Registry registry = LocateRegistry.getRegistry(null, 3000, new SslRMIClientSocketFactory());
        // Bind this object instance to the name "HelloServer"
        HelloImpl obj = new HelloImpl();
        registry.bind("HelloServer", obj);
        System.out.println("HelloServer bound in registry");
    }
}
```

**HelloClient.java**

```java
public class HelloClient {

    public static void main(String args[]) throws Exception {
        // Get reference to the RMI registry running on port 3000 in the local host
        Registry registry = LocateRegistry.getRegistry(null, 3000, new SslRMIClientSocketFactory());
        // Lookup the remote reference bound to the name "HelloServer"
        Hello obj = (Hello) registry.lookup("HelloServer");
        String message = obj.sayHello();
        System.out.println(message);
    }
}
```

**RmiRegistry.java**

```java
public class RmiRegistry {

    public static void main(String[] args) throws Exception {
        // Start RMI registry on port 3000
        LocateRegistry.createRegistry(3000, new SslRMIClientSocketFactory(),
                                      new SslRMIServerSocketFactory(null, null, true));
        System.out.println("RMI registry running on port 3000");
        // Sleep forever
        Thread.sleep(Long.MAX_VALUE);
    }
}
```

### E.10 Commandes Associées

```
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword RmiRegistry &
RMI registry running on port 3000
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword HelloImpl &
HelloServer bound in registry
$ java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=trustword HelloClient
Hello World!
```