JGDMS Project 3.0-SNAPSHOT API Documentation

Skip navigation links

Module :: JGDMS RMI TLS 3.0-SNAPSHOT API

Release Notes for net.jini.activation net.jini.activation
JGDMS v3.0.0 Release Notes Description The Description

Packages 
Package Description
au.net.zeus.rmi.tls
Subject Authentication The TlsRMIClientSocketFactory and TlsRMIServerSocketFactory socket creation methods authenticate as a single Principal if the following items are present in the Subject at the time of socket creation for the establishment of secure connections and control access to the Registry to secure Phoenix Activation when: One or more principals of type X500Principal For each principal, one or more certificate chains, stored as public credentials, and represented by instances of CertPath, whose getType method returns "X.509", and for which calling getSubjectDN on the certificate chain's first element returns that principal's name For each certificate chain, an instance of X500PrivateCredential, stored as a private credential, whose getCertificate method returns a value equal to the first element of the certificate chain, and whose getPrivateKey method returns the associated private key These RMISocketFactory's are not for use as standard JRMP Endpoint's, they are final and not Serializable.
Release Notes for net.jini.activation

net.jini.activation
JGDMS v3.0.0 Release Notes

    Description

    The net.jini.activation package provides extensions to the Java(TM) Remote Method Invocation (Java RMI) activation framework.

    Changes since the v2.2.0 release

    None

    Changes since the v2.1.1 release

    None

    Changes since the v2.0.1 release

    Disabled permission propagation

    ActivatableInvocationHandler by default no longer attempts to propagate dynamic permission grants from the dynamic proxy to the underlying activation identifier. If this functionality is required, it can be enabled by setting the org.apache.river.activation.enableActivateGrant system property to true. If the phoenix activator has been configured to allow anonymous client activation requests, and the invocation constraints on the underlying activation identifier have been configured to allow anonymous activation calls, it is not necessary to enable this. That should be the preferred configuration. However, if the activator has been configured to use Kerberos authentication, then anonymous calls are not supported, and you will either have to enable the activate grant in clients and dynamically grant sufficient AuthenticationPermission and GrantPermission to the proxy to permit activation calls to succeed, or else statically grant sufficient AuthenticationPermission to downloaded code in clients to permit activation calls to succeed.

Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Skip navigation links
Copyright ©, multiple authors.
  • Prev
  • Next

Copyright © 2016–2018. All rights reserved.