Usage of Security.setProperty("ssl.SocketFactory.provider",myCustomSock...)

While using java mail API, to establish a secure connection with the target server, we use a property object to set any custom socket factory like the following:
props.setProperty( "mail."+ protocol + ".socketFactory.class", "com.realops.adapter.mail.ssl.CustomSSLSocketFactory")
We also set our custom socket factory in the security api like:
Security.setProperty( "ssl.SocketFactory.provider", "com.realops.adapter.mail.ssl.CustomSSLSocketFactory");
Just wanted to know the difference b/w these two lines.
We pass the properties object while creating a javamail session. So it will pick the custom socket factory from the properties object, in this case do we still need to set the custom socket factory in the Security API?
Thanks.

Thanks for the answer.
Can you please also tell me how Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()) is functionally different from Security.setProperty( "ssl.SocketFactory.provider",...).
Do we always need to 'add' the provider if we are using the Sun's default socket factory or can we simple use local properties object for setting the sun's default socket factory also (assuming it is to be used by java mail only)?
Should I post a separate thread for this?
Much Thanks.

Similar Messages

  • Servlet security with SSL

    Hello All,
    I am fairly knew to Java and Tomcat etc as I came from a non Java\Tomcat previous role but have inherited a project which is a Java servlet (Java 1.6.0.29) running on Windows with Tomcat (Tomcat 7) as the container. The servlet communicates with both an Oracle database on a Unix server and a SQL server database on a Windows server. I now require to secure the communication with the SQL Server database using SSL (Two way communication) and would really like some straight forward guidance on how to do this, i.e. what exactly do I do?
    I ask this because there is a lot of information on the Tomcat website and other web sites but I find it becomes very ambiguous and confusing. They mostly talk about setting up a Keystore for the root certificate on the server and then say nothing about the "client". In my servlets situation the server hosting the SQL server is the "server" and the server hosting the servlet is the "client". The server hosting the servlet ("the client") already has a keystore set up on it to handle the encryption to the Oracle database and a entry to suit in the Tomcat server.xml file.
    Any assistance would be greatly appreciated. I am really stuck with this
    Thank you in advance
    Alanjo

    On 01/14/2014 06:11 AM, Alan Farroll wrote:
    > Hi all,
    >
    > I could not find a more appropriate forum in Eclipse for this question
    > so have placed it in newcomers as I am still quite new to Java\Eclipse
    >
    > We are working on a Java servlet application that involves security with
    > SSL to allow the servlet to run from a server outside our firewall and
    > interrogate databases inside our firewall. It runs on Tomcat 7 and built
    > on Java 1.6.0.29
    >
    > We have had no problems running the servlet on the Test server within
    > the firewall but when running on the Live server outside the firewall
    > the SoapUI request returns nothing and the current Tomcat log error is
    > "java.lang.RuntimeException: Could not generate dummy secret"
    >
    > The problems seem to be with the jce.jar and the sunJCE_provider.jar.
    >
    > Has anybody any assistance they could provide please.
    >
    > Thanks in advance
    >
    > AJF
    The live server doesn't have access to the right JARs? Maybe this will help?
    http://www.javahotchocolate.com/notes/jce-policy.html

  • JAAS - any example for: Security.setProperty ?

    Hi there,
    I've just started to play with JAAS. I wonder if anyone can provide an example of such file for: login.rule
    When I run my application I get the following error:
    Exception in thread "main" java.lang.SecurityException: C:\workspace\Ds\login.rule (The system cannot find the file specified)
    Assuming I create such file - what should be the content inside?
    Thank You!
    Security.setProperty("login.config.url.1", "file:C:/workspace/Ds/login.rule");

    Hello Friend,
    The detailed instructions for setting up an external LDAP
    provider for WLS 7.0 can be found at the following link.
    http://e-docs.bea.com/wls/docs70/secmanage/realm.html#1172008
    I hope that helps.
    Regards,
    Tom Hegadorn
    Developer Relations Engineer
    BEA Support
    "Friend" <[email protected]> wrote:
    >
    Is there any example I can follow to setup a LDAP as the default security
    realm
    for wls7.0 ?

  • Securing file download with standard web security and ssl

    Hi,
    I want to put some files for download in my webapp. At the same time, I want to protect these files using standard servlet security and ssl. So I added <security-constraint> in my web.xml and configured tomcat to allow SSL connection. Now I got the files protected as I expected. When I try to access the file directly from browser, tomcat shows me the login page. However, after correct login, I.E. pops up an error saying something like "Internet Explorer cannot download XXX from XXX. The file could not be written to the cache.". The log file showed the following exception:
    javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: java.net.SocketException: Connection reset by peer: socket write error
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1154)
         at com.sun.net.ssl.internal.ssl.AppInputStream.available(AppInputStream.java:40)
         at org.apache.tomcat.util.net.TcpConnection.shutdownInput(TcpConnection.java:90)
         at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:752)
         at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:526)
         at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
         at java.lang.Thread.run(Thread.java:595)
    Caused by: javax.net.ssl.SSLException: java.net.SocketException: Connection reset by peer: socket write error
         at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1443)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1407)
         at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
         at org.apache.coyote.http11.InternalOutputBuffer.realWriteBytes(InternalOutputBuffer.java:747)
         at org.apache.tomcat.util.buf.ByteChunk.flushBuffer(ByteChunk.java:403)
         at org.apache.coyote.http11.InternalOutputBuffer.endRequest(InternalOutputBuffer.java:400)
         at org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:961)
         at org.apache.coyote.Response.action(Response.java:182)
         at org.apache.coyote.Response.finish(Response.java:304)
         at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:281)
         at org.apache.catalina.connector.Response.finishResponse(Response.java:473)
         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825)
         at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:738)
         ... 4 more
    Caused by: java.net.SocketException: Connection reset by peer: socket write error
         at java.net.SocketOutputStream.socketWrite0(Native Method)
         at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
         at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
         at com.sun.net.ssl.internal.ssl.OutputRecord.writeBuffer(OutputRecord.java:283)
         at com.sun.net.ssl.internal.ssl.OutputRecord.write(OutputRecord.java:272)
         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:663)
         at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
         ... 15 more
    I've tried separating concerns, for example protect files but not require SSL, and enable SSL but do not protect files. Both works respectively but not together. I also tried using a download4j's DownloadServlet. Still doesn't work.
    Have any of you encouter the same situation? If so, could you enlight me what I did wrong? It maybe just a simple SSL configuration or something. Thanks in advance!
    Jack

    My environment setup is:
    JDK 1.5.01
    Tomcat 5.5.7
    For downloading files, I just use plain old <a href> method. I simply right-click the link and choose "save target as...".
    Thanks,
    Jack

  • Migrating ADF Security from file-based provider to LDAP provider

    We have deployed a small application using ADF Security with file-based provider in OAS and it works fine.
    Now we want to migrate to ADF Security using LDAP provider.
    In order to make this possible we followed the next steps:
    - Migrate all the roles and policies from the file to OID with JAZNMigrationtool.
    - In OAS we've changed the Application Security Provider to 'Oracle Identity Management'.
    - Reset the OC4J instance.
    But there was no success, the application continues working with the file-based provider.
    What more is necessary to configurate?

    Hi,
    if you use EM make sure you change the setting for the application, not the general OC4J setting.
    You can also deploy the provider settings with the orion-application.xml file added to your project
    Frank

  • After updating, Firefox informed me that Constant Guard, the security system which is provided by Comcast, is not compatible with this update and was disabled. WHY? Will Firefox now automatically provide security against online threats?

    Firefox upgraded automatically; in doing so, it stated that Constant Guard Security Suite, which is provided by Comcast, my internet service, is not compatible, and had to be disabled. Please explain why; is Firefox providing anti-virus when I surf the internet? If not, this is NOT an 'upgrade' and I will never use Firefox. Please respond as soon as possible.

    Hi, Thanks for that further bug description In Your Last Message That Describes The Problem I Am Having perfectly and is exactly the same for me.
    unfortunately that fix for my camera Powershot G6 does not work or apply as the view pictures switch is different on G6 is not usable during download as once you plug in DC/USB cable it turns off, and makes no diff and problem still exists exactly as you just described.
    thanks anyways "Selz Boy"
    it has been 17 days since apple promised to get back to me within 3-5 days hopefully with a solution, but I have still not heard from them.
    They blew me off, i guess, probably i will have to wait for new Yosemite OS update, which they pre-warned me could take as much as 6 months.
    I cannot believe apple released this new update with such major bug issues for camera downloads and that horrible "Photos" pgm which has all sorts of downgrades in features, usefulness and new bugs compared to iPhotos which I just finally got used to and was much better software.
    I am starting to lose faith in Apple and I am getting that Microsoft "FEEL" like I used to have when I was a PC user, which was why I originally switched to Apple  computers in first place.
    Oh well got my fingers crossed here.
    Thankfully the memory card reader solution  is working well, but cost me $45.

  • What kind of security does crystal report provides?

    <span style="font-size: 10pt; font-family: Verdana">What kind of security does crystal report provides</span>

    <p>What security are you asking about?</p><p>Crystal Reports is a report design tool.  If you need to secure reports so that only certain groups within your organization need can have access to them, Business Objects provides a few options:</p><p>Business Objects Enterprise</p><p>CR Server</p><p>Crystal Reports.com</p><p>I&#39;d suggest going to www.businessobjects.com to learn more about those products. </p>

  • Security certificate issue for Provider Hosted App (SP Online)

    Hi all,
    I am having a hard time with SP Online debugging a basic provider hosted app.
    Steps I have taken to create the app:
     created a new provider hosted app in Visual Studio 2013 and setting my SP Online debugging site (wich works perfectly for SP hosted apps).
    Chose Azure ACS option, although I do not have an Azure account
    When I deploy the app I get to the page on my debugging site where I must choose "Trust It", but when I do I get the message that the Connection is Unsecure/unsafe:
     How can I fix this? Do I need to create an Azure account for debugging purposes already? Or is there another way to solve the problem?

    Hi,
    I understand that you get Security certificate issue for Provider Hosted App (SP Online).
    Per my knowledge, you need to create an Azure account for debugging purposes.
    To create a SharePoint 2013 app for Office 365 and publish it to an Azure web site, you can refer to:
    http://blogs.msdn.com/b/kaevans/archive/2014/02/24/creating-a-sharepoint-2013-app-with-azure-web-sites.aspx
    Best Regards,
    Linda Li
    Linda Li
    TechNet Community Support

  • What security does Mozilla Fox provide their users?

    I am doing a research project on security that internet browsers provide to their users and was wanting more information about what security features they provide to protect their users.

    Security Features like sandboxing and checking websites before opening them. Things like that. What does Firefox do to protect their users from getting viruses/malware/spyware if the user doesn't have any anti-virus software? That's the scenario I was asking about. Sorry about the confusion.

  • How can you manage ssl service provider service in PI 7.1?

    Hello there..
    I am trying to find a place in Netweaver admin tool so that I can add CA certificate into the SSL provider service Trusted Certification Authorities list. I use to be able to do that in Visual Admin tool -> dispatcher node -> Services -> SSL Provider -> Runtime tab -> Client Authentication, but now I cannot find anywhere in the NetWeaver Admin tool.
    Thanks.
    Jerry.

    Hi Jerry,
    Once you login to the NWA, follow this path
    Configuration Management -> Security -> Certificate and keys ->
    You need to import the client certificate under ICM_SSL_xxx and you can find SSL_Provider if you scroll completly down. You need to import the private key of the client certificate under ICM_SSL_xxx.
    You have even Trusted CA's under this list. Please let me know if you have any problems.
    Thanks,
    Srini
    Edited by: srinivas kapu on Dec 18, 2008 9:58 PM

  • In Formscentral: is the form SECURE with SSL even if my existing website does not have SSL?

    I plan to embed my new form with html into my existing website. My website does not have SSL. I would like my new form to be SSL secure (will have credit card numbers.) Will the upgraded plan provide this security?

    When a form is embedded the submission is protected with SSL. You shouldn't collect credit card information using FormsCentral because the service is not PCI compliant. You should instead use our new integration with PayPal - it supports credit cards and paypal account payments. The credit card info is processed by paypal and they are PCI compliant.
    Here is a tutorial on the new payments features: http://forums.adobe.com/docs/DOC-1632

  • Cannot send email via Hotmail through port 587 with Secure Connection (SSL) set

    Something is blocking my attempts to send email (with Outlook Express) via my hotmail.com account. The error I receive is as follows:
    Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity. Account: 'Hotmail', Server: 'smtp.live.com', Protocol: SMTP, Port: 587, Secure(SSL): Yes, Error Number: 0x800CCC0F
    When Hotmail.com first changed over to a POP3 server (Sept 2009), I could send emails through them using port 587, which they require. But then something happened, with no changes on my part, to disable my ability to send.
    I have checked and rechecked my Outlook Express account settings. I can send email through another third-party mail account (at 1&1 Internet.com) using port 587, which does not require setting SSL to yes. I can also ping the Hotmail SMTP server via port 587 and receive a response from it.
    I connect to Verizon DSL via a Westell 327W modem/router. Clearly it is not blocking port 587 without SSL. Does it have the capability to block SSL traffic? Or is the Verizon server the culprit, not allowing emails to be sent via Hotmail.com?
    Two different computers on my LAN have the same problem sending emails via Hotmail.com. I have tried everything the Hotmail people have suggested; at this point they think it is an ISP problem, hence this post. This problem doesn't make sense to me and is driving me crazy. Can anyone help me with this?
    Thanks.

    You can still have your reply address set to your hotmail address. And you don't have to really remember to do anything. Configure your client for the HOTMAIL account with Verizon's outgoing server. It will automatically send via Verizon. You don't reveal your verizon.net address, you are just using their server to transmit.
    If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem.
    "All knowledge is worth having."

  • Security Issues: SSL on SOAP Adapter and Digital Signature in BPM

    Hi there,
    we're developing a R/3-XI-3rd Party Application scenario, where the XI/3rd Party communication is based on a webservice (SOAP adapter with SSL). Also, the messages in the XI/3rd Party communication must be digitally signed. I've got some questions on both subjects.
    1. About the SSL. I've started to investigate what will be necessary to enable the HTTPS option under SOAP Adapter (it's not enabled now). If I'm not correct, all I need to do is:
    - check whether the SAP Java Crypto Lib is installed in the Web AS;
    - generate the certificate request in the Visual Administrator and, after acquiring the certificate, store it with the KeyStorage option.
    Is that right?
    I'm considering that I won't need to use SSL in the ABAP Web AS, only the J2EE Java Engine (since the SOAP Adapter is based on J2EE).
    2. About the digital signature. As a first solution, we had decided on accessing a webservice based on another machine running a signature application. We'd send the unsigned XML and receive a signed XML. But since that needed to be done into the BPM, I thought that using a piece of Java code in a mapping would suit it better.
    But to be able to use the hashing/encrypting/encoding algorithms, which library needs to be installed? Is it the same SAP Java Crypto Lib that was installed for the SSL enabling?
    Thanks in advance!

    Hello Henrique,
    1. You're right. For detailed instructions please have a look at the online help: http://help.sap.com/nw04 - Security - Network and Transport Layer Security - Transport Layer Security on the SAP J2EE Engine
    2. The SOAP adapter supports security profiles. Please have a look at the online docu http://help.sap.com/nw04 -Process Integration - SAP Exchange Infrastructure - Runtime - Connectivty - Adapters - SOPA Adapter - Configuring the Sender SOAP adapter and from the link under Security Parameters to the Sender Agreement. You'll find some additional information in the following document: http://service.sap.com/~sapdownload/011000358700002767992005E/HowToMLSXI30_02_final.pdf
    Rgds.,
    Andreas

  • Crystal Report Server - SMTP over secured connection (SSL/TLS)

    <p>Hello All,</p><p>Been looking around information on Crystal Reports Server but have not managed to find the information I need. So was wondering if anyone new if it is possible to distribute reports via SMTP over secured connections such as SSL/TLS using Crystal Reports Server?  </p>

    Only if the security is external to BO. our SMPT configuration does not have a built in configuration parameter to encrypt data.
    Regards,
    Tim

  • Secure Environment  - SSL

    Hi
    We recently move an app from a development environemnt to a production environment using SSL. When we navigate from one screen to another ( on nearly every screen ) we get the message about leaving and then entering a secure environment. However, all is within the same application so we should not be leaving and re-entering. The production application is accessed through a web server which just proxies through requests.
    Any help is appreciated

    Not using hardcoded links, the problem was being caused by a popup window that
    tells you the application is loading data. We removed this and the issue went
    away.
    thanks for the response
    "Kai" <[email protected]> wrote:
    >
    Are you using hardcoded links starting with http://?
    kai
    lanoc <[email protected]> wrote:
    Hi
    We recently move an app from a development environemnt to a production
    environment using SSL. When we navigate from one screen to another
    ( on nearly every screen ) we get the message about leaving and then
    entering a secure environment. However, all is within the same application
    so we should not be leaving and re-entering. The production application
    is accessed through a web server which just proxies through requests.
    Any help is appreciated

Maybe you are looking for

  • Using external drive for iTunes Library

    There's about 80G of music on my external hard drive. I'd like to use this music as the library when the external is connected to the laptop. I don't know how to make this work. I know it's possible to duplicate the music on the Powerbook and create

  • Print to PDF from illustrator CS3

    CS3: In the Print dialog box, with Adobe PDF 8.0, I select the Printer Setup dialog box. Under the Layout pulldown menu I have PDF Options (settings) and Printer Features. Then select the print button to Save to File and name with the option to brows

  • HT201302 photos from pc to my ipad

    hi im having a hard time putting photos from my computer (xp) to my ipad.

  • Download TableView in Excel

    Hi, Is there any way to download whole TableView Data in Excel,which have more than one pages . Looking forward your response. Regards Sachin S M

  • Interactive Reports and PL/SQL Functions

    Hi, Am new to the interactive reports, and it appears to be I can only use a single SELECT statement to populate the report. I need to convert some older reports to the new interactive reports, but these are populated using PL/SQL functions, as the W