Code sample to access imap server over ssl via javamail 1.3.2

Similar Messages

• Cannot find api to implement RIDC connect WebCenter Content Server over SSL

  Hi WebCenter Content team,
  I find the following sample code from http://docs.oracle.com/cd/E23943_01/doc.1111/e10807/c23_ridc.htm#BJFIHEHI
  Example 23-6 IDC Protocol over SSL
  +// build a secure IDC client as cast to specific type+
  IntradocClient idcClient = (IntradocClient)
  manager.createClient("idcs://localhost:4443");
  +// set the SSL socket options+
  config.setKeystoreFile("ketstore/client_keystore");  //location of keystore file
  config.setKeystorePassword ("password");      // keystore password
  config.setKeystoreAlias("SecureClient");  //keystore alias
  config.setKeystoreAliasPassword("password");  //password for keystore alias
  I downloaded RIDC package from Individual Component Downloads in http://www.oracle.com/technetwork/middleware/webcenter/content/downloads/index.html.
  But cannot find the above methods in IdcClientConfig and its subclasses. For example, cannot compile the following code.
  IdcClientConfig config = idcClient.getConfig();
  config.setKeystoreFile("ketstore/client_keystore");  // no such method
  Could you please give a correct example.
  Thanks a lot.

  Most likely the port. RIDC listens usually at 4444, 16200 is the port for browser-based communication.

• Connecting to a remote OpenLDAP server over SSL.

  I've been trying for several weeks now to get a remote OpenLDAP server up and running; configured in such a way that it only allows SSL and requires certificate validation.
  I've created a CA with a self-signed certificate.
  I used that CA to create a server and client certificate.
  The server certificate is in /etc/ssl/certs, has a link by the name of its hash.0 pointing to it; permissions are all correct and /etc/ssl/slapd.conf point to it and the CA certificate.
  The client certificate is on my MacBook Pro in /etc/ssl/certs along with the CA certificate; each of which also has its hash linked to it. /etc/ssl/ldap.conf is set up properly, the permissions are correct, and the following test command ran as my user produces a successful result:
  ldapsearch -v -x -H ldaps://ldap.foo.org -b "dc=foo,dc=org" -d -1
  Now the problem part. I open Directory Utility; go to Services with Advanced Settings enabled. After unlocking it, I click the LDAPv3 and the pencil icon.
  I hit New... in the window that pops up and use ldap.foo.org as servername, SSL box ticked. I hit Continue, and behold; nothing happens.
  It is to say; Directory Utility hangs for a while; after which it goes back to the box I clicked Continue in without any error or warning popping up; but obviously hasn't advanced.
  The server logs indicate my Mac had actually connected; received the server certificate; but didn't send a client certificate at which point the TLS connection got aborted for some reason and the session ended.
  My Mac Console shows something even more bizare, though:
  11/09/08 23:09:22 com.apple.DirectoryServices[97123] Assertion failed: (ld != NULL), function ldapsearchext, file search.c, line 76.
  My suspicion is that Directory Utility can't verify the server certificate and aborts the TLS connection. I expect it also uses /etc/openldap/ldap.conf? How can I diagnose the root of this problem?
  Thanks a lot for your assistance; I just can't figure this out and any hint or pointer would be greatly appreciated. It now just looks like OSX does not support a secure LDAP over SSL configuration.
  Though it currently isn't set up to be that way, I'd like to have my client also provide a certificate (CN=lhunath.foo.org) and have the server validate that. For now I've got the server set to:
  TLSVerifyClient never
  (And of course, the client:)
  TLS_REQCERT demand
  Message was edited by: lhunath

  By the way; about the assertion error I get in Console; here's the relevant source of ldap.c. Looks like ld is not set; probably something going wrong before that with setting up the TLS connection, perhaps? Or not?
  * ldapsearchext - initiate an ldap search operation.
  * Parameters:
  * ld LDAP descriptor
  int
  ldapsearchext(
  LDAP *ld,
  assert( ld != NULL );

• Trying to connect to an AD LDAP over SSL via OPEN_SSL

  Hello,
  We are getting the error below when we attempt to run this code. Any ideas? Does this point to an incorrectly configured wallet and/or certificate?
  DECLARE
  BEGIN
  l_session := DBMS_LDAP.init ( hostname => l_ldap_host_in, portnum => l_ldap_port_in );
  l_retval := DBMS_LDAP.OPEN_SSL(l_session, owallet_loc, owallet_pwd, 2); -- Over SSL
  l_retval := DBMS_LDAP.simple_bind_s ( ld => l_session, dn => l_ldap_dn_in, passwd => l_ldap_password_in );
  l_retval := DBMS_LDAP.unbind_s(l_session);
  END;
  Error report:
  ORA-31202: DBMS_LDAP: LDAP client/server error: UnKnown Error Encountered
  ORA-06512: at "SYS.DBMS_SYS_ERROR", line 86
  ORA-06512: at "SYS.DBMS_LDAP", line 1457
  ORA-06512: at "SYS.DBMS_LDAP", line 1234
  ORA-06512: at line 21
  31202. 00000 - "DBMS_LDAP: LDAP client/server error: %s"
  *Cause:    There is a problem either on the LDAP server or on the client.
  *Action:   Please report this error to the LDAP server administrator or
  your Database administrator.
  Any help will be greatly appreciated! Thank you,
  Alex.

  We had never tried this before. I'm the Programmer trying to make the code work. I found this other thread Google'ing https://kr.forums.oracle.com/forums/thread.jspa?threadID=494022&start=15&tstart=0 and asked our Network Admin and our DBA to follow steps 1 and 2 and provide location to the wallet and password when they were done, which they did.
  Now I'm testing the code and getting that error. I was about to report it to them, but I thought I should try and help by providing a possible fix, or maybe the code is the problem?
  Alex.
  Edited by: alarzabal on Dec 7, 2011 6:24 PM

• Issues with WebDav over SSL via Terminal Server when Accessing SharePoint 2013

  Hi All,
  We have deployed a terminal server from which multiple users access and heavily use SharePoint 2013 (hosted on a separate server). The SharePoint site is published to the internet and is operating over an SSL certificate. Over the last few months we have
  been encountering a randomly occurring issue where all the users become unable to use Open with Explorer or mapped drives to access the site. During this time they can still access the site through the browser OK and download files etc. This issue sometimes
  reoccurs every few days, although at points it hasn't occurred for a couple of weeks before resurfacing.
  Current Terminal Server Config
  TS 2008 R2 Enterprise
  Site added to Trusted Sites. (have checked during broken time and still recognized as trusted)
  Using IE 11, site added as compatibility view
  Registries updated as below
  reg add HKLM\SYSTEM\CurrentControlSet\Services\WebClient\Parameters /v AuthForwardServerList /t REG_MULTI_SZ /d "*.clientsite.com"
  reg add HKLM\SYSTEM\CurrentControlSet\Services\WebClient\Parameters /v BasicAuthLevel /t REG_DWORD /d 2 /f
  reg add HKCU\Software\Microsoft\Office\14.0\Common\Internet /v BasicAuthLevel /t REG_DWORD /d 2 /f
  registry added for tabprocgrowth added to 2
  My test result are below:
           Restarting the SharePoint server or the terminal server will resolve the behaviour
  until the issue occurs again.
  Users on the terminal server can still open the
  ttps://clientsite2.harrierhc.com
  URL (this url is bound to the same UCC cert) with open with explorer during this time.
  While users are unable to access the ttps://clientsite.harrierhc.com
  URL, if they access the same site from WebDAV with a separate binding (e.g. ttp://clientsite the behaviour works fine.
  All other users not on the terminal server can still use the open with explorer behaviour during this time.
  IIS reset on the SP Server & restarting the web client service on the terminal server have no impact
  Reimporting the IIS certs have no impact
  There are numerous errors in both server’s event logs but none at the time of the issue instigation.
  Clearing the IE cached certificates has no impact
  Going to IE properties for the site and clicking the ‘Install Certificate’ has no impact
   Any ideas or suggestions would be much appreciated. If you need any more info let me know. (sorry for the ttps:// links cant be posted until my account is verified?
  Thanks again

  Hiya,
  are there any load balancers involved?

• Accessing windows server shared folders via IOS devices.

  FileExplorer did it! Thanks a bunch.

  Looking for suggestions on what route I should go in order to establish connections from IOS devices w/ VPN to windows server 2008 shared folders. Mostly just for employees to upload  files to, downloading isn't a big deal. I'm sure there's apps out there that'll achieve this goal so if I'm correct I'm looking for recommendations! Or if there's a better way entirely.
  Thanks friends.
  This topic first appeared in the Spiceworks Community

• Corrupted attachments in Mail.app connecting to an IMAP server

  Hi,
  I'm using Mail.app to connect to our local IMAP server (over SSL). For a long while, I've had problems with large attachments being corrupted when I open a message in Mail. If I view the same message in our webmail client (which also talks to the IMAP server), the attachments are uncorrupted.
  If I save a message as source and decode using a mime64 decoding tool, the attachments are corrupted in the same way as from within mail. This is most clearly visible when the attachment is a large jpeg.
  If I remove the locally cached messages by deleting the /Library/Mail/IMAP-xxxxx folder, then re-download all the messages, the attachments will be often corrupted in a different position in the image.
  Using another IMAP mail client (Thunderbird) on the same machine to connect to the same IMAP server shows no corruption in the same messages which are corrupted in Mail.app.
  I can't say whether this problem was introduced with Tiger, but it has persisted for a long time. This problem is only for INCOMING attachments; I have had no problems with corruption in the attachments I send to others.
  Other Tiger Mail.app users in the building have the same issue. Any suggestions to identify and fix this problem will be greatly appreciated. It's possible it's bug in Mail, and I would be happy to contribute any information or perform any testing required to fix it.
  Using:
  Mail.app v2.1 (752/752.2)
  Thunderbird v1.5.0.7 (20060909)
  Mac OS X 10.4.8 Build 8L127
  1 Ghz Powerbook G4 with 1.25 GB RAM
  Best regards,
  Dylan
  Powerbook G4 Mac OS X (10.4.8)
  Powerbook G4   Mac OS X (10.4.8)  

  The right way of doing that would be rebuilding the
  mailbox, i.e. select it and do Mailbox >
  Rebuild. Does that make a difference?
  Rebuilding the mailbox — no difference. The attachments are corrupted at a different position in the image, but still corrupted.
  Another thing to try would be trashing the Mail
  cache, i.e., quit Mail, in the Finder go to
  Trashing the Mail Cache — no difference. The attachments are not re-downloaded from the server, and so the position of the corruption in the image doesn't change.
  What happens if you move or copy the message to a
  local "On My Mac" mailbox, and open the local copy
  instead?
  The local copy then has corrupted attachments.
  /Library/StartupItems/
  Empty.
  /Library/InputManagers/
  SIMBL
  ~/Library/InputManagers/
  Empty.
  /Library/Mail/Bundles/
  Empty.
  ~/Library/Mail/Bundles/
  GPGMail
  Mail.appetizer
  A quick test — disabling these plug-in components has no effect on the corrupted messages, even after re-building the mailbox in question.
  I should point out again that it's not just my machine that's affected by this problem. I verified today that other users of the same server are also affected. This isn't likely to be caused by a quirky configuration on my machine.
  Also, open System Preferences, and go to
  Accounts > Login Items. What do you see
  there?
  LittleSnitchDaemon
  iCalAlarmScheduler
  iCal
  Mail
  SmartReporter
  LiteSwitchX
  MicrosoftMouseHelper
  MouseLocatorAgent
  Skype
  Last.fm
  Renicer
  The items below the line have been added recently, and the problem was definitely there before hand.
  Dylan.
  Powerbook G4   Mac OS X (10.4.8)  

• How write rmi-iiop over ssl with weblogic server 6.1 - No server found

  //New
  Hello,
  I have written an appication like this:
  - An EJB server running on Weblogic server 6.1
  (named: BankServerHome)
  -A java client calling the BankServer.
  Platform: windows 2000 - jdk1.3
  Now I want to secure the communication with SSL protocol.
  I have done this:
  -generate a key peer with weblogic service named certificate.
  -send the CSR to a CA and place the answer into the weblogic
  server certificate directory.
  -update path for ServerCertificateChainFileName,
  ServerCertificateFileName, ServerKeyFileName into config.xml.
  -launch weblogicServer
       -> server certificate is recognized
       -> listening port 7001 and 7002.
  (-stop weblogicServer!)
  At now, all is all right, errors come hereafter:
  Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
  "To use RMI over IIOP over SSL with a Java client, do the following:
  2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
  connections. Be sure to specify the port on which WebLogic Server listens for
  SSL connections. For an example of a class that extends the
  java.rmi.server.RMISocketFactory class, see Listing 4-22.
  3. Run the ejbc compiler with the -d option.
  4. Add your extension of the java.rmi.server.RMISocketFactory class to the
  CLASSPATH of the Java client.
  5. Use the following command options when starting the Java client:
  -xbootclasspath/a:%CLASSPATH%
  -Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
  -Dssl.certs=directory location of digital certificate for Java client
  -Dssl.key=directory location of private key for Java client"
  At step 3. I found into documentation that -d is linked to a directory name.
  When I run ejbc with this option -d I have the message:
  "ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
  % So what option can I use to run ejbc for secure usage?
  At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
  this pointed class is not instanciated.
  Then I can not create a socket with my client.
  The folowing exception is raised:
  javax.naming.CommunicationException [Root exception is java.net.ConnectException:
  No server found at T3S://localhost:7002]
  So, my questions are:
  % Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
  the server?
  My java client part, managing connection is:
  -------------------BEGIN OF CONNECTION MANAGER-------------------
  Properties env = new Properties ();
  // Shouldn't have to do this, but for now you must
  if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
  env.put ("java.naming.provider.url", "t3s://localhost:7002");
  InitialContext context = new InitialContext (env);
  BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
  BankServer = bssh.create();
  -------------------END OF CONNECTION MANAGER-------------------
  I have also try
  env.put ("java.naming.provider.url", "corbaloc:iiop://localhost:7002");
  but it throws the following error
  javax.naming.InvalidNameException: url does not conatin !!!
  % What is the code for the java client allowing connection with the ejb?
  % And better, can I have a sample example for rmi-iiop over ssl?
  (...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
  speak ssl!)
  Any help will be appreciate from you...
  Best Regards.
  Oliver

  "oliver" <[email protected]> writes:
  The SSL support is poorly doc'd right now. We have fixed this and
  updated the way you do things in SP2. Please either wait for SP2 or
  contact support.
  andy
  I have written an appication like this:
  - An EJB server running on Weblogic server 6.1
  (named: BankServerHome)
  -A java client calling the BankServer.
  Platform: windows 2000 - jdk1.3
  Now I want to secure the communication with SSL protocol.
  I have done this:
  -generate a key peer with weblogic service named certificate.
  -send the CSR to a CA and place the answer into the weblogic
  server certificate directory.
  -update path for ServerCertificateChainFileName,
  ServerCertificateFileName, ServerKeyFileName into config.xml.
  -launch weblogicServer
       -> server certificate is recognized
       -> listening port 7001 and 7002.
  (-stop weblogicServer!)
  At now, all is all right, errors come hereafter:
  Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
  "To use RMI over IIOP over SSL with a Java client, do the following:
  2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
  connections. Be sure to specify the port on which WebLogic Server listens for
  SSL connections. For an example of a class that extends the
  java.rmi.server.RMISocketFactory class, see Listing 4-22.
  3. Run the ejbc compiler with the -d option.
  4. Add your extension of the java.rmi.server.RMISocketFactory class to the
  CLASSPATH of the Java client.
  5. Use the following command options when starting the Java client:
  -xbootclasspath/a:%CLASSPATH%
  -Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
  -Dssl.certs=directory location of digital certificate for Java client
  -Dssl.key=directory location of private key for Java client"
  At step 3. I found into documentation that -d is linked to a directory name.
  When I run ejbc with this option -d I have the message:
  "ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
  % So what option can I use to run ejbc for secure usage?
  At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
  this pointed class is not instanciated.
  Then I can not create a socket with my client.
  The folowing exception is raised:
  javax.naming.CommunicationException [Root exception is java.net.ConnectException:
  No server found at T3S://localhost:7002]
  So, my questions are:
  % Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
  the server?
  My java client part, managing connection is:
  -------------------BEGIN OF CONNECTION MANAGER-------------------
  Properties env = new Properties ();
  // Shouldn't have to do this, but for now you must
  if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
  env.put ("java.naming.provider.url", "t3s://localhost:7002");
  InitialContext context = new InitialContext (env);
  BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
  BankServer = bssh.create();
  -------------------END OF CONNECTION MANAGER-------------------
  I have also try
  env.put ("java.naming.provider.url", "corbaloc:iiop://localhost:7002");
  but it throws the following error
  javax.naming.InvalidNameException: url does not conatin !!!
  % What is the code for the java client allowing connection with the ejb?
  % And better, can I have a sample example for rmi-iiop over ssl?
  (...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
  speak ssl!)
  Any help will be appreciate from you...
  Best Regards.
  Oliver

• How write rmi-iiop over ssl with weblogic server 6.1?

  Hello,
  I have written an appication like this:
  - An EJB server running on Weblogic server 6.1
  (named: BankServerHome)
  -A java client calling the BankServer.
  Platform: windows 2000 - jdk1.4
  Now I want to secure the communication with SSL protocol.
  I have done this:
  -generate a key peer with weblogic service named certificate.
  -send the CSR to a CA and place the answer into the weblogic
  server certificate directory.
  -update path for ServerCertificateChainFileName,
  ServerCertificateFileName, ServerKeyFileName into config.xml.
  -launch weblogicServer
       -> server certificate is recognized
       -> listening port 7001 and 7002.
  (-stop weblogicServer!)
  At now, all is all right, errors come hereafter:
  Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
  "To use RMI over IIOP over SSL with a Java client, do the following:
  2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
  connections. Be sure to specify the port on which WebLogic Server listens for
  SSL connections. For an example of a class that extends the
  java.rmi.server.RMISocketFactory class, see Listing 4-22.
  3. Run the ejbc compiler with the -d option.
  4. Add your extension of the java.rmi.server.RMISocketFactory class to the
  CLASSPATH of the Java client.
  5. Use the following command options when starting the Java client:
  -xbootclasspath/a:%CLASSPATH%
  -Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
  -Dssl.certs=directory location of digital certificate for Java client
  -Dssl.key=directory location of private key for Java client"
  At step 3. I found into documentation that -d is linked to a directory name.
  When I run ejbc with this option -d I have the message:
  "ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
  % So what option can I use to run ejbc for secure usage?
  At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
  this pointed class is not instanciated.
  Then I can not create a socket with my client.
  The folowing exception is raised:
  javax.naming.CommunicationException [Root exception is java.net.ConnectException:
  No server found at T3S://localhost:7002]
  So, my questions are:
  % Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
  the server?
  My java client part, managing connection is:
  -------------------BEGIN OF CONNECTION MANAGER-------------------
  Properties env = new Properties ();
  // Shouldn't have to do this, but for now you must
  if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
  env.put ("java.naming.provider.url", "t3s://localhost:7002");
  } else {
  env.put ("java.naming.provider.url", "rmi://localhost:7002");
  InitialContext context = new InitialContext (env);
  BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
  BankServer = bssh.create();
  -------------------END OF CONNECTION MANAGER-------------------
  % What is the code for the java client allowing connection with the ejb?
  % And better, can I have a sample example for rmi-iiop over ssl?
  (...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
  speak ssl!)
  Any help will be appreciate from you...
  Best Regards.
  Oliver

  "oliver" <[email protected]> writes:
  First off 1.4 isn't supported as yet. That is probably part of the problem.
  You also must use a corba URL from the client in order for this to work for instance:
  If you are using WLInitialContextFactory:
  corbaloc:iiop:localhost:7001/NameService
  If you are using CNCtxFactory:
  iiop://localhost:7001
  Using rmi: is the wrong thing to do - that will use jrmp or t3.
  However, I suggest that you raise a call with support since there is
  some other trickiness with getting SSL working. We hope to have this
  much improved in SP2.
  andy
  Hello,
  I have written an appication like this:
  - An EJB server running on Weblogic server 6.1
  (named: BankServerHome)
  -A java client calling the BankServer.
  Platform: windows 2000 - jdk1.4
  Now I want to secure the communication with SSL protocol.
  I have done this:
  -generate a key peer with weblogic service named certificate.
  -send the CSR to a CA and place the answer into the weblogic
  server certificate directory.
  -update path for ServerCertificateChainFileName,
  ServerCertificateFileName, ServerKeyFileName into config.xml.
  -launch weblogicServer
       -> server certificate is recognized
       -> listening port 7001 and 7002.
  (-stop weblogicServer!)
  At now, all is all right, errors come hereafter:
  Then I follow the guideline "Programming weblogic Security" (version of 30/07/2001).
  "To use RMI over IIOP over SSL with a Java client, do the following:
  2. Extend the java.rmi.server.RMISocketFactory class to handle SSL socket
  connections. Be sure to specify the port on which WebLogic Server listens for
  SSL connections. For an example of a class that extends the
  java.rmi.server.RMISocketFactory class, see Listing 4-22.
  3. Run the ejbc compiler with the -d option.
  4. Add your extension of the java.rmi.server.RMISocketFactory class to the
  CLASSPATH of the Java client.
  5. Use the following command options when starting the Java client:
  -xbootclasspath/a:%CLASSPATH%
  -Dorg.omg.CORBA.ORBSocketFactoryClass=implementation of java.rmi.server.RMISocketFactory
  -Dssl.certs=directory location of digital certificate for Java client
  -Dssl.key=directory location of private key for Java client"
  At step 3. I found into documentation that -d is linked to a directory name.
  When I run ejbc with this option -d I have the message:
  "ERROR: You must specify an output directory or jar with the -d option to weblogic.ejbc."
  % So what option can I use to run ejbc for secure usage?
  At step 5. Whatever I write for -Dorg.omg.CORBA.ORBSocketFactoryClass,
  this pointed class is not instanciated.
  Then I can not create a socket with my client.
  The folowing exception is raised:
  javax.naming.CommunicationException [Root exception is java.net.ConnectException:
  No server found at T3S://localhost:7002]
  So, my questions are:
  % Why -Dorg.omg.CORBA.ORBSocketFactoryClass must be known by the client and not
  the server?
  My java client part, managing connection is:
  -------------------BEGIN OF CONNECTION MANAGER-------------------
  Properties env = new Properties ();
  // Shouldn't have to do this, but for now you must
  if ( factory.equals ("weblogic.jndi.WLInitialContextFactory") ) {
  env.put ("java.naming.provider.url", "t3s://localhost:7002");
  } else {
  env.put ("java.naming.provider.url", "rmi://localhost:7002");
  InitialContext context = new InitialContext (env);
  BankSessionServerHome bssh = (BankServerHome) context.lookup("BankServerHome");
  BankServer = bssh.create();
  -------------------END OF CONNECTION MANAGER-------------------
  % What is the code for the java client allowing connection with the ejb?
  % And better, can I have a sample example for rmi-iiop over ssl?
  (...wlserver6.1\samples\examples\iiop\ejb\stateless\rmiclient\client.java do not
  speak ssl!)
  Any help will be appreciate from you...
  Best Regards.
  Oliver

• Configuring IMAP - POP - SMTP over SSL

  Hi,
  I have configured SSL for webserver. I have copied same cert database (cert8.db and key3.db) in the config directory of messaging server. Changed the ownership of database to messaging server user. Password file is updated. I am able to see the certficate (./msgcert list-certs and ./msgcert show-cert cert1).
  SSL is enabled for IMAP and POP.
  # ./getconf | grep ssl
  service.imap.enablesslport = 1
  service.imap.sslcachesize = 0
  service.imap.sslport = 993
  service.imap.sslusessl = yes
  service.pop.enablesslport = 1
  service.pop.sslcachesize = 0
  service.pop.sslport = 995
  service.pop.sslusessl = yes
  I am not able to connect to 993 and 995 port.
  bash-3.00# telnet mail1 995
  Trying 10.77.33.135...
  telnet: Unable to connect to remote host: Connection refused
  bash-3.00# telnet mail1 993
  Trying 10.77.33.135...
  telnet: Unable to connect to remote host: Connection refused
  Am I missing any step? How do I use IMAP / POP over ssl?
  Thanks and Regards,
  Shashank

  for a simple ssl client, use openssl:
  openssl s_client -connect imap.gmail.com:993provides the following output:
  CONNECTED(00000003)
  depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
  verify error:num=20:unable to get local issuer certificate
  verify return:1
  depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
  verify error:num=27:certificate not trusted
  verify return:1
  depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
  verify error:num=21:unable to verify the first certificate
  verify return:1
  Certificate chain
  0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
     i:/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected]
  Server certificate
  -----BEGIN CERTIFICATE-----
  MIIDYzCCAsygAwIBAgIQCtN0WxFVbbMJoG3rDFxPezANBgkqhkiG9w0BAQUFADCB
  zjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
  Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE
  CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhh
  d3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNl
  cnZlckB0aGF3dGUuY29tMB4XDTA4MDQyOTAwMTEwOVoXDTA5MDQyOTAwMTEwOVow
  aDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1v
  dW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBJbmMxFzAVBgNVBAMTDmltYXAu
  Z21haWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFMvRc3adE9FQT
  U957F6ogQjmQRg6PGKSg79ECfMsDu/Rjrx2mFDmdScPLdHJxMgwfSrKGC/+R0OEf
  FLDCXsNng6lwrCGL1xQXwNF1mfbzQZTa01HkiGQKcv6e93jZ1FTLHTak1eja6SA+
  62IW+CSxyUGyue56quHza6zec2bhZQIDAQABo4GmMIGjMB0GA1UdJQQWMBQGCCsG
  AQUFBwMBBggrBgEFBQcDAjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLnRo
  YXd0ZS5jb20vVGhhd3RlUHJlbWl1bVNlcnZlckNBLmNybDAyBggrBgEFBQcBAQQm
  MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5jb20wDAYDVR0TAQH/
  BAIwADANBgkqhkiG9w0BAQUFAAOBgQBycxu3lqcaaIly9avL8Xw80+SFeWVJCUdO
  A2n2Y12OcKYeYCXuMJiHREpg+u8rjnUoDccdt7bhYq3sdhYARxtD47VjsqdpxnN0
  9ERig/Dc0vRHGdBaxJX9OfDzpJjXdcTmMfN4xfbshJr6hlsfnQ5fzw1Fk7ya4PzD
  PaGdeSi00w==
  -----END CERTIFICATE-----
  subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
  issuer=/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/[email protected]
  No client certificate CA names sent
  SSL handshake has read 1017 bytes and written 324 bytes
  New, TLSv1/SSLv3, Cipher is RC4-MD5
  Server public key is 1024 bit
  Compression: NONE
  Expansion: NONE
  SSL-Session:
      Protocol  : TLSv1
      Cipher    : RC4-MD5
      Session-ID: 86F8C5265F6EE4524797F2139851376D20D702BB9EFFB78C5CD35999DE3B4C7A
      Session-ID-ctx:
      Master-Key: EA5857BBF58622793961B6CFEE448D079E249AF36171532F40C46C2E3887E08ACFBAC823D2186231D228ECB726140718
      Key-Arg   : None
      Start Time: 1213099885
      Timeout   : 300 (sec)
      Verify return code: 21 (unable to verify the first certificate)
  ---It helps you figure out if you configured your servers correctly. It shows the cert chain sent by server, negotiated cipher suite, and whether any client-auth DNs were sent.

• Code sample HTTP get for J2EE server

  Hi,
  could somebody pls. provide a code sample to access a SAP WAS J2EE server via HTTP GET?
  I needed this to get a SAP Logon ticket issued to my web dynpro application. Basically I am imitating a logon to the server in order to get the logon ticket in return. This is the same as logging on using IE to http://server.domain:5xxxx. Should my user credentials be valid, the HTTP get would return a SAP Logon ticket (among other data).
  Thank you,
  Rene

  how would you direct the GET requests to one servlet and the POST requests to the other?
  Wouldn't they need to pass thru' yet another servlet to decide which is which (GET or POST), and redirect them accordingly?
  I would have both GET and POST handled by the same single-point-of-entry servlet. For example, not all data is sent to the server via a POST - you can send form data via a GET, using name/value pairs in the url.

• Code sample for rtp server. please!

  hi
  I need to get a rtp server code, may it simple, in order to learn from it. Did not find anything from browsing. could anyone send me a sample or a link?
  thanx a lot

  Hi,
  thanks for the link. I have aleready checked that, i should have specified more..
  The thing is that these examples require that we have the client IP and port . But in case of a NATed client, I don t see how to get this client IP.
  I looked in JMF API desperately for getting client info. But the only thing I get is the Participant class. No IP address nor a port to work with.
  'Anyone has a clue, or a code sample of a small server that listen for clients and retrieve dynamically their IP/port? would help a Lot
  thanx

• RMI over SSL under Web Start can't find trusted certificate

  I have implemented RMI over SSL to get a Java EJB Client application talking to a JRun server over SSL. It works fine from the command line, but when I try to run it as a Web Start application, I get
  java.security.cert.CertificateException: Couldn't find trusted certificate
  (More complete stack trace below)
  I am using a test certificate, not one from a bona fide CA.
  I have tried putting the key store file in one of the jars used by the application, and adding:
  <argument>-Djavax.net.ssl.trustStore=jssecacerts</argument>
  and
  <argument>-Djavax.net.ssl.trustStore=jar:http://ip/app/xxx/lib/JarWithCacs.jar!/jssecacerts</argument>
  to no avail.
  If I copy the jssecacerts to Web Start's jre/lib/security directory, it works fine.
  I have seen other postings that say to use keytool to update the JRE used by Web Start, but that kind of defeats the purpose of Web Start: zero admin client. I can't touch each user's machine.
  I have seen other posts saying to implement a more relaxed trust manager, but that doesn't seem right either.
  I am using JDK 1.4.1_02b6 on Win2k. This should be irrelevant: JRun 4 sp1a.
  Is there a way to specify the jssecacerts file in the jnlp file so Web Start will recognize it?
  Thanks for any help,
  John

  I think I have an answer:
  1) Package the truststore file in the client JAR file
  2) Add code to the client to copy the truststore from the JAR file to the client hard drive
  3) Add code to the client to set the truststore properties to refer to the file on the client hard drive
  <<code>>
  private void setupTrustStore() {
  try {
  // save truststore file to local disk
  File homeDir = new File(System.getProperty("user.home"));
  File trustStoreFile = new File(homeDir, "mytruststore");
  URL url =
  this.getClass().getClassLoader().getResource("mytruststore");
  BufferedInputStream in =
  new BufferedInputStream(url.openStream());
  BufferedOutputStream out =
  new BufferedOutputStream(new FileOutputStream(trustStoreFile));
  while(true) {
  int data = in.read();
  if(data < 0) break;
  out.write(data);
  in.close();
  out.flush();
  out.close();
  // set truststore properties
  System.setProperty("javax.net.ssl.trustStore",
  trustStoreFile.getPath());
  System.setProperty("javax.net.ssl.trustStorePassword", "mypasswd");
  } catch(Exception e) {
  e.printStackTrace();
  }

• Oracle User Messaging Service unable to connect to Mail server through SSL

  Hi,
  I have a SOA server setup with User Messaging Service, with email driver installed. I set it up to connect to an SMTP server over SSL.
  Using the user messaging sample app from samplecode.oracle.com, I encountered the following error:
  javax.mail.MessagingException: Exception reading response; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  After doing some research, I copied the cert from the Mail server and put in in the JDK keystore (jdk\jre\lib\security\cacert) using keytool -importcert command. Then I did configure the SOA server to use that keystore. However I still encountered the above mentioned exception.
  Anyone has encountered and solve the problem?
  Appreciate any pointers :)
  yee thian

  Hi,
  SAP support suggested to check the following notes:
  827958 - Javascript Errors in IC WebClient, Messaging does not work
  871851 and 872720 - JRE version
  828884 - SAM (Simple ABAP messaging)
  844929
  924443
  927566
  927567
  Regards,
  Bruno Mikio

• Remote non-SSL image served from SSL site?

  I have an SSL site and I need to display images located on an external non-SSL site. When I do this using a standard graphicImage tag and URL=http://whatever IE will throw a warning every time the page is displayed saying the page has secure and non-secure content. I need to avoid this somehow. Is there a way to have the image pulled to the server and then server over SSL? Surely this is a common problem!
  I really appreciate any help!
  Jeff

  You cannot suppress this warning without changing the browser's default settings.
  Serve the images through SSL, preferably from the same server. You could also create a servlet for this which gets the images from other non-SSL server by URLConnection.