|
||||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||
See:
Description
| Class Summary | |
|---|---|
| AuthenticationTicket | |
| AuthenticationTicketProperty | |
| CertificateIdentity | The CertificateIdenty class is used as an attribute of the PublicCertificate and PrivateCertificate classes. |
| CertificateProperty | The CertificateProperty class is used as an attribute of the PublicCertificate and PrivateCertificate classes. |
| CertificateReader | This class provides a command-line tool to display the properties of a public or private certificate. |
| CertificationAuthority | |
| ConfidentialityTicket | |
| ConfidentialityTicketProperty | |
| EncryptionEngine | |
| RandomLongGenerator | |
| Session | |
| SessionKeyFactory | |
| SessionTicketProperty | |
| SigningEngine | |
| Exception Summary | |
|---|---|
| AuthenticationException | |
| KeyExchangeException | |
| SessionException | |
**For internal use only** Provides the cryptographic services.
The org.objectweb.proactive.ext.security.crypto package requires the Legion of the Bouncy Castle JCE implementation.
This package can be freely obtained at the following URL : http://www.bouncycastle.org/
Make sure to download the good version (JCE 1.2.1 for the JDK 1.3).
Both packages are included with ProActive in the lib directory.
The second step is to generate the Certification Authority's Public/Private key pair. This pair will act as a reference in the security protocols.
To generate the key pair just type :
java org.objectweb.proactive.ext.security.crypto.CertificationAuthority
The key pair will be generated (It can take a couple of seconds) and saved in the current directory.
The Certification Authority's private key will be saved in a file named : acPrivateKey
The Certification Authority's public key will be saved in a file named : acPublicKey
Make sure that the private key is located in a safe place.
The Certification Authority's private key sould only be used to generate the certificates of the domains (see step 3).
Each domain must obtain a copy of the Certification Authority's public key.
The third step is to generate certificates for each domain of the ProActive Application.
Each domain must contain a PrivateCertificate and a PublicCertificate. The certificates are required for the
authentication and the key negociation protocols.
The org.objectweb.proactive.ext.security.crypto package provides a graphical class for the certificates generation.
To launch this interface just type :
java org.objectweb.proactive.ext.security.crypto.CertificateGenerator
Screenshot of the graphical interface
You must then enter the following informations :
To generate the certificates, just press the button "Generate!". When
the certificate generation finishes (it can take a few seconds), the standard
output notices you the following message : "The Certificate Pair has been correctly generated and saved".
IMPORTANT: if you don't specify absolutes paths for files, the certificates will be created in the current directory, and the AC keys files will be searched in the current directory.
You can read the attributes of any certificate (private or public) with the following command :
java org.objectweb.proactive.ext.security.crypto.CertificateReader certificate_file
Example of this command output :
Type : PublicCertificate
Domain : www.inria.fr
Delivered : Tue Jul 24 11:18:03 CEST 2001
Expires : Wed Jul 24 11:18:03 CEST 2002
IMPORTANT : if you decide to generate a new Certification Authority's key pair, you must be awarared that all the
certificates generated with the previous Certification Authority's key pair will become invalid.
The last step is to launch the SecureNodes on each domain. To do this type :
java org.objectweb.proactive.rmi.StartSecureNode //oriens/SNode1 public_certifFile private_certifFile
acPublicKeyFile &
The distributed ProActive Application is now ready to be launched !
|
||||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||