Sun Java System Application Server Platform Edition 8.1 2005Q2 Update 2 Administration Guide

ProcedureTo secure CORBA objects

CORBA objects include Java RMI-IIOP and Java IDL or POA based CORBA objects, excluding EJB modules. By default, authentication is not required for CORBA objects.

  1. Configure authentication, if desired.

    1. Expand the ORB node, and then the IIOP Listeners node.

    2. Click the SSL listener.

    3. Select the Security Enabled checkbox.

    4. Click Save.

    5. Restart the Application Server.

    Once authentication is turned on, all clients need to authenticate by supplying a user name and password (if using basic authentication) or a certificate (if using SSL mutual authentication).

  2. Configure authorization.

    To turn on authorization for CORBA objects, specify the appropriate security policy in the server’s security configuration file, domain-dir/config/server.policy.

    By default, all users are allowed to access all non-EJB CORBA objects in the server, as specified by the following default grant block:

    grant { permission com.sun.enterprise.security.CORBAObjectPermission "*", "*"; }

    CORBAObjectPermission is a special Java Permission class that controls which users are allowed to access non-EJB CORBA objects in the server. CORBAObjectPermission takes two parameters:

    • A CORBA object name.

      In the Application Server, only the name “*” is supported, that is, it is not possible to specify a specific CORBA object name.

    • A comma-separated list of method names.

      In the Application Server, only “*” is supported, that is, it is not possible to specify a specific method name.

    The general form of a CORBAObjectPermission grant block is:

    grant principal principal-class-name "principal-name" { 
       permission com.sun.enterprise.security.CORBAObjectPermission "*", "*"; 
    }

    where the principal-class-name is either:

    • com.sun.enterprise.deployment.PrincipalImpl (for a single principal)

    • com.sun.enterprise.deployment.Group (for a named group of principals)

  3. Configure message protection:

    Integrity and confidentiality of IIOP messages used in requests and replies during CORBA invocations can be protected by using SSL. By default, the server supports both plain IIOP and IIOP-over-SSL invocations.

    1. To force clients to use only SSL for IIOP invocations, remove all non-SSL iiop-listener elements in the iiop-service element in domain.xml.

      This ensures that the server will not service plain IIOP invocations. By default, application clients use plain IIOP for making requests if the server supports plain IIOP.

    2. To force the client to use SSL, a change is needed in the application client configuration file sun-acc.xml (which is also located in the domain’s config directory).

      Specifically, the property ssl with value required should be added inside the <client-container> element, as follows:

      <client-container>
         <property name=”ssl” value=”required”/>
         <target-server .... />
      </client-container>