[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: java.security
From: |
Mark Benvenuto |
Subject: |
Re: java.security |
Date: |
Tue, 19 Dec 2000 02:06:04 -0500 |
Brian Jones wrote:
> Our java.security implementation wants a file in
> java.home/lib/security/ called classpath.security. I'm not sure what
> to put in this file to denote the proper providers. I'm also not sure
> this work was ever done but my guess is it works in libgcj. The
> current error message I get with Japize (after throwing in a
> printStackTrace to catch a RuntimeException):
>
> java.lang.RuntimeException: The SHA algorithm was not found to use in
> computing the Serial Version UID for class java.lang.Object
> at java/io/ObjectStreamClass.setUID(ObjectStreamClass.java:400, pc =
> 572)
> at java/io/ObjectStreamClass.<init>(ObjectStreamClass.java:300, pc =
> 47)
> at java/io/ObjectStreamClass.lookup(ObjectStreamClass.java:60, pc =
> 61)
>
If the file classpath.security (instead of sun's java.security) does not exist,
java.security.Security should be throwing an
exception. What you need in classpath.security is primarily specify the
security provider(s).
Ex:
JDK 1.3:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.rsajca.Provider
Classpath:
security.provider.1=gnu.java.security.provider.Gnu
Please note, the default provider only has SHA, MD5, and DSA. Writing an X.509
provider is too much work. I think Tom Tromey or
someone said that using Cryptix's implementation is possible. Checking their
website (www.cryptix.org), the license appears to be
BSD-like.
Mark
- java.security, Brian Jones, 2000/12/18
- Re: java.security,
Mark Benvenuto <=
- Re: java.security, Tom Tromey, 2000/12/19
- Re: java.security, Brian Jones, 2000/12/19
- Re: java.security, Mark Wielaard, 2000/12/20
- Re: java.security, Tom Tromey, 2000/12/20
- Re: java.security, Brian Jones, 2000/12/20
- Re: java.security, Bryce McKinlay, 2000/12/20
- Re: java.security, Tom Tromey, 2000/12/20
- Re: java.security, Mark Benvenuto, 2000/12/21
Re: java.security, Brian Jones, 2000/12/19