Example: Running the thin client with security enabled

Your Java™ thin application client no longer needs additional code to set security providers if you have enabled security for your WebSphere® Application Server instance. This code found in IBM i Java thin clients should be removed to prevent migration and compatibility problems. The java.security file from your WebSphere instance in the properties directory is now used to configure the security providers.

The security providers were set programmatically in the main() method and occurred prior to any code that accessed enterprise beans:
import java.security.*;
  ...
  if (System.getProperty("os.name").equals("OS/400")) {

    // Set the default provider list first.
    Provider jceProv = null;
    Provider jsseProv = null;
    Provider sunProv = null;

    // Allow for when the Provider is not needed, when 
    // it is not in the client application's classpath.
    try {
      jceProv = new com.ibm.crypto.provider.IBMJCE();
    }
    catch (Exception ex) {
	ex.printStackTrace();
    throw new Exception("Unable to acquire provider.");
	}

    try {
      jsseProv = new com.ibm.jsse.JSSEProvider();
    }
    catch (Exception ex) {
	ex.printStackTrace();
    throw new Exception("Unable to acquire provider.");
	}

    try {
      sunProv = new sun.security.provider.Sun();
    }
    catch (Exception ex) {
	ex.printStackTrace();
    throw new Exception("Unable to acquire provider.");
	}

    // Enable providers early and ahead of other providers
    // for consistent performance and function.
    if ( (null != sunProv) && (1 != Security.insertProviderAt(sunProv, 1)) ) {
      Security.removeProvider(sunProv.getName());
      Security.insertProviderAt(sunProv, 1);
    }
    if ( (null != jceProv) && (2 != Security.insertProviderAt(jceProv, 2)) ) {
      Security.removeProvider(jceProv.getName());
      Security.insertProviderAt(jceProv, 2);
    }
    if ( (null != jsseProv) && (3 != Security.insertProviderAt(jsseProv, 3)) ) {
      Security.removeProvider(jsseProv.getName());
      Security.insertProviderAt(jsseProv, 3);
    }

    // Adjust default ordering based on admin/startstd properties file.
    // Maximum allowed in property file is 20.
    String provName;
    Class  provClass;
    Object provObj =  null;

    for (int i = 0; i < 21; i++) {
      provName = System.getProperty("os400.security.provider."+ i);

      if (null != provName) {

        try {
          provClass = Class.forName(provName);
          provObj = provClass.newInstance();
        }
        catch (Exception ex) {
          // provider not found
          continue;
        }

        if (i != Security.insertProviderAt((Provider) provObj, i)) {

          // index 0 adds to end of existing list
          if (i != 0) {
            Security.removeProvider(((Provider) provObj).getName());
            Security.insertProviderAt((Provider) provObj, i);
          }
        }
      } // end if (null != provName)
    } // end for (int i = 0; i < 21; i++)
  } // end if ("os.name").equals("OS/400")

指出主題類型的圖示 參照主題



時間戳記圖示 前次更新: July 9, 2016 11:15
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tcli_thinsec
檔名:tcli_thinsec.html