User guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS

Interstage Application Server

V7.0

Security System Guide

Summary of content (328 pages)

PAGE 1
Interstage Application Server V7.
PAGE 2
Security System Guide - Preface Trademarks Trademarks of other companies are used in this user guide only to identify particular products or systems: Product Trademark/Registered Trademark Microsoft, Visual Basic, Visual C++, Windows, Windows NT, Internet Information Server, and Internet Explorer Registered trademarks of Microsoft Corporation in the U.S.A. and other countries Sun, Solaris, Java, and other trademarks containing Java Trademarks of Sun Microsystems, Inc., in the U.S.A.
PAGE 3
Security System Guide - Preface Preface Purpose of this Document This manual provides information on how to set up and operate a secure Interstage system. Note Throughout this manual Interstage Application Server is referred to as Interstage. Who Should Read this Document? This document is intended for users installing and operating Interstage Application Server.
PAGE 4
Security System Guide - Preface Organization of this Document This document is organized as follows: Part I Security Risks and Measures • Chapter 1 Security Risks This chapter explains security risks. • Chapter 2 Security Measures This chapter explains security measures. Part II Authentication and Access Control • Chapter 3 Authentication and Access Control for the Interstage HTTP Server This chapter explains how to use the authentication and access control for the Interstage HTTP Server.
PAGE 5
Security System Guide - Preface Part V Security Systems for Web Services (SOAP) • Chapter 13 Security Functions for Web Services (SOAP) This chapter explains the security functions for SOAP messages. • Chapter 14 How to Prepare PKI Environment for Web Services (SOAP) This chapter explains the key pair and certificate management environment required to use the security functions of the Web service.
PAGE 6
Security System Guide - Preface vi
PAGE 7
Table of Contents Chapter 1 Security Risks Interstage Management Console and Interstage Operation Tool ...................................................1-2 Resources to be Protected ........................................................................................................1-2 Functions to be Protected.....................................................................................................1-2 Resources to be Protected ................................................................
PAGE 8
Security System Guide: Table of Contents Operations Confined to Specific Users...............................................................................1-16 Periodic Backup ..................................................................................................................1-18 Use of the Security Function Provided by the Resource....................................................1-18 OLTP Function ..........................................................................................
PAGE 9
Security System Guide - Table of Contents Setting Access Permission for Operating Resources.........................................................1-30 Protecting Communication Contents ..................................................................................1-31 Confirming the Authentication Server .................................................................................1-31 Countermeasures Against Password Attacks.....................................................................
PAGE 10
Security System Guide: Table of Contents Security Measures for Operation of the Web Server (Interstage HTTP Server) ............................2-4 Notes When Making Access ......................................................................................................2-4 Notes on Communication Data..................................................................................................2-4 Threats of Denial of Service Attacks (DoS) ............................................................
PAGE 11
Security System Guide - Table of Contents Security Measures for Portable-ORB ...........................................................................................2-20 Unauthorized Access to Resource Files..................................................................................2-20 Notes on Communication Data................................................................................................2-20 Notes on Creation and Operation of Java Applet .......................................
PAGE 12
Security System Guide: Table of Contents Relating Directives ...................................................................................................................3-12 Allow ...................................................................................................................................3-12 Deny....................................................................................................................................3-13 ...................................
PAGE 13
Security System Guide - Table of Contents ServerRoot..........................................................................................................................3-40 User ....................................................................................................................................3-41 Chapter 4 HTTP Tunneling HTTP Data Communication Using HTTP Tunneling.......................................................................4-2 HTTP Tunneling Mechanism .....................
PAGE 14
Security System Guide: Table of Contents Registering the CA Certificate.............................................................................................7-11 Registering a Site Certificate ..............................................................................................7-11 Registering the Certificate of Another Reliable Site ...........................................................7-12 Registering a CRL .............................................................................
PAGE 15
Security System Guide - Table of Contents Registering the User PIN ...........................................................................................................9-3 Setting up the Environment Definition File ................................................................................9-4 General Operation of SSL ....................................................................................................9-4 SSL Operation Using the Virtual Host Function ...............................
PAGE 16
Security System Guide: Table of Contents Setting the SSL Information in the CORBA Application (Server Application Only)..................10-4 Operating the SSL Linkage......................................................................................................10-5 SSL Linkage in the IPv6 Environment .....................................................................................10-5 CORBA Server Environment Setup ................................................................................
PAGE 17
Security System Guide - Table of Contents Constructing a Key Pair/Certificate Management Environment ..............................................14-7 Environment Construction when a Private-key is needed..................................................14-8 Environment Construction when a Private-key is not Needed .........................................14-11 Using a CORBA/SOAP Gateway................................................................................................
PAGE 18
Security System Guide: Table of Contents Chapter 16 How to Use Reliable Messaging Function for Web Services (SOAP) PUSH Model (Receiving Messages by the Server System).........................................................16-2 Preparing a Key Pair and Public Key Used by the Receiver Server .......................................16-2 Deploying the Receiver Application .........................................................................................
PAGE 19
Security System Guide - Table of Contents Appendix B Authentication and Access Control for the Component Transaction Service User Authentication........................................................................................................................ B-2 User Authentication with Authentication Objects ...................................................................... B-2 User Authentication with Web Server Functions ......................................................................
PAGE 20
Security System Guide: Table of Contents xx
PAGE 21
Part I Security Risks and Measures If the system security is violated, unauthorized access by malicious attackers can cause interference and unauthorized use of system operation as well as information leakage. This part explains the threat of security violation by the attackers and the measures to be against them when constructing a system in a network environment using the Interstage Application Server.
PAGE 22
PAGE 23
Chapter 1 Security Risks This chapter explains the resources to be protected (protection target resources), possible threats to the protection target resources, and measures to be taken against the individual threats. The chapter uses representative operation models of the Interstage Application Server to explain these.
PAGE 24
Chapter 1: Security Risks Interstage Management Console and Interstage Operation Tool The Interstage Management Console and the Interstage Operation Tool can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Web-J Edition (Interstage Management Console only) • Interstage Application Server Plus This section gives an overview of possible security risks in the general operating envir
PAGE 25
Interstage Management Console and Interstage Operation Tool Possible Security Risks to Resources The following describes possible security threats during operation of the Interstage Management Console and the Interstage Operation Tool.
PAGE 26
Chapter 1: Security Risks Countermeasures Against Exploitation of User IDs and Passwords In an environment open to limited users like an intranet, it is not likely that user IDs and passwords will be decrypted. Such an environment is often the management base of user ID and password information, and the information of user IDs and passwords is often saved in a file. If this file is accessible by unauthorized users, there is a high risk of exploitation of the user ID and password information.
PAGE 27
J2EE Application J2EE Application This section gives an overview of security risks in J2EE applications. Generally, a J2EE application performs operations with client programs using various components. The client program of a J2EE application is sometimes executed as an independent Java program and sometimes via a Web browser. When it is executed via a Web browser, a Web server mediates the operation.
PAGE 28
Chapter 1: Security Risks Resources to be Protected The following table lists the resources that are used when the corresponding function available for a J2EE application is used. If high security is required, it is best to protect these resources.
PAGE 29
J2EE Application Function Resource to be protected Execution environment setup for Servlet and EJB IJServer environment definition file Execution environment setup for Servlet (when an V5.0.
PAGE 30
Chapter 1: Security Risks Resource to be protected Possible threat IJServer log file Tampering of data recorded in the file Exploitation of information recorded in files Damage to files Log file for JServlet environment Tampering of data recorded in the file Exploitation of information recorded in files Damage to files Log file for EJB environment Tampering of data recorded in the file Exploitation of information recorded in files Damage to files Log in the database Tampering of data recorded Expl
PAGE 31
J2EE Application Possible Countermeasures The following outlines possible countermeasures against security risks. For further details, refer to the descriptions for each component.
PAGE 32
Chapter 1: Security Risks Countermeasures Against Damage to Data There are some J2EE applications that use databases. For this type of application, the data stored in those databases should also be protected. In addition to the security function that the database itself has, periodic data backup is an effective countermeasure against damage to data. Countermeasures Against Damage to Files There are required files in the operating environment of a J2EE application.
PAGE 33
Web Services Web Services Web services can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus For information on security risks to web services, refer to Security Systems for Web Services (SOAP) in Part IV.
PAGE 34
Chapter 1: Security Risks Database Linkage Service The Database Linkage Service can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Plus This section gives an outline of security risks in an operating mode where the database linkage service is used.
PAGE 35
Database Linkage Service Resources to be Protected The following table lists the resources used when the database linkage service is used. If high security is required, it is desirable to protect these resources.
PAGE 36
Chapter 1: Security Risks The following describes the locations of the resources to be protected: • Folder storing the OTS system information Folder where the database linkage service is installed: \etc folder • Transaction log file Transaction log file that was specified when the OTS system was created • Folder storing the trace log Folder where the database linkage service is installed: \var folder • Repository storing the resource definitions Folder where the database linkage service is installe
PAGE 37
Database Linkage Service Possible Threats to Resources The following describes the possible security risks to the database linkage service: Table 1-8 Possible Security Risks Resource to be protected Possible threat Folder storing the OTS system information Tampering of information Exploitation of information Damage to data Damage to file Transaction log file Tampering of information Exploitation of information Damage to data Damage to file Folder storing the trace log Tampering of information Exploi
PAGE 38
Chapter 1: Security Risks Countermeasures Against Threats For the database linkage service, the following are effective measures against security invasion.
PAGE 39
Database Linkage Service Using only the authorization of the selected users, start construction of the environment and operation of the database linkage service. If the environment is already established, do the following according to the functions used: • Creation of applications Create applications logged in as an authorized user. • Creation of a resource control program Create resource control programs logged in as an authorized user.
PAGE 40
Chapter 1: Security Risks Periodic Backup If you backup information periodically, you can restore the environment even if the information is tampered with. Periodic backup is an effective defense against the following threats: • Tampering of information • Damage to data • Damage to file There are two procedures for periodic backup: • Data Backup • Data Restoration Data Backup Use the 'otsbackupsys' command to perform periodic backups.
PAGE 41
OLTP Function OLTP Function The OLTP function can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus This section gives an overview of the threats posed by invasion of security in a general OLTP application. Generally, an OLTP application performs operations with a CORBA client program.
PAGE 42
Chapter 1: Security Risks Resources to be Protected The following table lists the resources when an OLTP application is used. If high security is required, it is desirable to protect these resources.
PAGE 43
OLTP Function Possible Threats to Resources The following describes the possible security threats posed to resources to be protected in operation of an OLTP application.
PAGE 44
Chapter 1: Security Risks Resource to be protected Possible threat Naming Service for load balance Tampering of data recorded in the file Exploitation of information recorded in files Damage to files Definitions related to Interstage Tampering of data recorded in the file Exploitation of information recorded in files Damage to files WorkUnit definition Tampering of data recorded in the file Exploitation of information recorded in files Damage to files Countermeasures Against Security Risks The foll
PAGE 45
OLTP Function Countermeasures Against Tampering of Data Recorded in the File There are environment definition files and other such files in the operating environment of an OLTP application. If the information in this file is illicitly tampered with, it may disable an OLTP application and cause various problems. An effective countermeasure against this threat is to set appropriate access permissions on this file.
PAGE 46
Chapter 1: Security Risks Smart Repository The Smart Repository function can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus Resources Requiring Security Protection This section explains the resources requiring security protection when Smart Repository is used.
PAGE 47
Smart Repository Potential Security Threats The following indicates the potential security threats to the resources requiring Smart Repository protection: Resources requiring protection Potential threats Authentication information (passwords) of the registered users (entries) Password decryption Password theft Authentication information (password) for the Smart Repository administrator DN Setting information for the user password encryption method Illegal use of Smart Repository Passwords contained i
PAGE 48
Chapter 1: Security Risks Password Encryption When an entry search is requested from a client to Smart Repository, the password included in an entry can be retrieved in the form of an encrypted password string by using a method other than the original encryption method for user password encryption. Password encryption is a good way of protecting against the threat of password decryption.
PAGE 49
Smart Repository Periodic Data Backup By performing data backup periodically, the environment can be restored even if information is altered through unauthorized access. Periodic backup provides good protection against the following threats: • Destruction or deletion of Smart Repository data • Alteration of information recorded in files • File destruction Use the backup command (irepbacksys) to perform periodic backups.
PAGE 50
Chapter 1: Security Risks Interstage Single Sign-on This section explains the security threats for Interstage single sign-on and the countermeasures that can be taken. Configuration Model The figure below shows the basic configuration model for Interstage single sign-on. Figure 1-1 Interstage Single Sign-on System The Interstage Single Sign-on system consists of three types of servers: repository servers, authentication servers, and business servers. The user uses the system from the client Web browser.
PAGE 51
Interstage Single Sign-on Possible Threats This section explains the possible threats when using Interstage Single Sign-on. Deleting, Rewriting, and Exposing Server Resources The repository server, authentication server, and business server contain important files to control the programs. The files include the authentication infrastructure setup file and business system setup file required for setting up each server, and the configuration file and service ID file created after setting up the servers.
PAGE 52
Chapter 1: Security Risks Application Risk Interstage Single Sign-on stores important information in the Web browser cookie. The attacker could collect cookies for spoofing when the application operating on the business server is vulnerable, e.g., cross site scripting (XSS) or allocation of a malevolent application. Client Risk When an attacker takes advantage of Web browser defects and obtains cookie information, vulnerability may become apparent.
PAGE 53
Interstage Single Sign-on Protecting Communication Contents Encryption is an effective way of protecting communication contents from being rewritten or exposed. Use https as the protocol for the authentication and business servers and encrypt the communication contents. The SSL environment is required to operate https. The repository server need not use SSL communication because the Interstage Single Sign-on program encrypts the communication contents.
PAGE 54
Chapter 1: Security Risks Difficult-to-guess Password Use a password that cannot be easily guessed by others or identified mechanically by some kind of tool. A difficult-to-guess password should meet the following conditions: • Cannot be guessed from personal information, e.g., name or birthday. • Comprises the longest character string possible. • Contains uppercase and lowercase letters, numbers, and symbols. • Contains one complete word without modification.
PAGE 55
Interstage Single Sign-on Operating and Managing a Business Server To prevent unauthorized access to the protection resources of the business server and control correct authentication or authorization, the business server must be operated and managed appropriately. • Use https as the protocol of the business server and encrypt the communication contents with the Web browser. • Do not operate an unnecessary Web service on another port of the same server.
PAGE 56
Chapter 1: Security Risks For Java Applications Using Single Sign-on JavaAPIs Possible threat Action Application alteration - Periodically change the account password. Application destruction - Periodically back up data. Leakage of user IDs or passwords - Securely implement communication with the client (using SSLSocket, etc.) Operation of the application operating terminal - When operating Java applications in server applications, implement them as daemon processes or services.
PAGE 57
Multi Server Management Multi Server Management This section describes how to deal with security threats using Multi Server Management. The Admin Server function of Multi Server Management can only be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus The Managed Server function of Multi Server Management can be used with all products.
PAGE 58
Chapter 1: Security Risks Configuration Model When using Multi Server Management, the LAN for the flow of the actual business data and the LAN for the flow of operation management data between the Admin Server and Managed Server are usually separated.. The former is called the “business LAN”, and the latter the “management LAN”. The following figure shows an overview of the business LAN and management LAN and a typical usage model for Multi Server Management.
PAGE 59
Multi Server Management Figure 1-2 Multi Server Management Configuration Model In a typical Multi Server Management configuration, one Admin Server manages one site. The site is configured using multiple servers, with servers that execute the same business applications grouped together. The Admin Server runs the servers in the site using the Interstage Management Console.
PAGE 60
Chapter 1: Security Risks Resources to be Protected This section describes the resources to be protected when Multi Server Management is used.
PAGE 61
Multi Server Management Threat Prevention The following table lists countermeasures that can be taken against possible security risks.
PAGE 62
Chapter 1: Security Risks Countermeasures Against Exploitation of Information Recorded in Files The information required for operation of the Interstage Management Console and Interstage Operation Tool is stored in files. The contents of these files are also resources, and it is important to prevent exploitation of them. An effective means of protecting these files is to set appropriate access permissions for them.
PAGE 63
Configuration Management Function Configuration Management Function This section describes how to deal with security threats using the Configuration Management function. Configuration Management Function Usage Model The following figure shows a typical usage model for the Configuration Management function. Figure 1-3 Configuration Management Function Usage Model The Configuration Management function stores operations in the Interstage Management Console internally.
PAGE 64
Chapter 1: Security Risks Resources to be Protected The following resources are used in the Interstage Management Console. If advanced security measures are requested, it is advisable to protect these resources as part of that security.
PAGE 65
Configuration Management Function Countermeasures Against Overwriting Information Recorded in Files Various items of Interstage information are saved in the Configuration Management function repository in binary format. If the contents of these files are overwritten illegally, it might cause various problems, such as being unable to run Interstage. To effectively counter this type of threat, implement appropriate access authority settings for the files in which this information is saved.
PAGE 66
Chapter 1: Security Risks 1-44
PAGE 67
Chapter 2 Security Measures Generally, the services alone cannot completely protect resources from security attacks. Taking operational measures can also increase safety. This chapter explains the security measures indicated in "Security Risks and Measures" separately for each service. To implement safe and firm operation against security violation, it is recommended to refer to and carry out the measures for the services used. Security information on Fujitsu products is available from the following site.
PAGE 68
Chapter 2: Security Measures Common Security Measures This section explains the following topics: • Notes on User Accounts • Backup • Notes on Interstage Installation Resources Notes on User Accounts To prevent termination of operation, alteration of resources, and leakage of information that may be done by end users, it is recommended not to register a user account that is not an authorized Administrator.
PAGE 69
Security Measures for Interstage Operation Tool Security Measures for Interstage Operation Tool The Interstage Operation Tool can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus Notes on User Accounts Operation of the Interstage Operation Tool by end users is restricted by giving permissions only to the users within the Administrators group to operate important functions such
PAGE 70
Chapter 2: Security Measures Security Measures for Operation of the Web Server (Interstage HTTP Server) This section explains the following topics: • Notes When Making Access • Notes on Communication Data • Threats of Denial of Service Attacks (DoS) • Leakage of Password Information • Unauthorized Access to Resource Files • Risk of Exploiting the HTTP TRACE Method • Threat that the UNIX account name will be discovered Notes When Making Access When an access is made from a Web browser to the I
PAGE 71
Security Measures for Operation of the Web Server (Interstage HTTP Server) • IP access control: It is possible to permit access only to specific clients. For information about IP access control, refer to IP Access Control in Authentication and Access Control for the Interstage HTTP Server in Chapter 9. • Use of SSL encryption: High level of security can be retained, where client authentication is possible.
PAGE 72
Chapter 2: Security Measures Risk of Exploiting the HTTP TRACE Method Malicious users (or machines) on the network may read private information in HTTP request data or execute unwanted codes. To prevent this risk, it is recommended to disable the HTTP TRACE method by specifying the following lines in the Interstage HTTP Server environment definition file (httpd.conf): The TRACE method is the HTTP/1.1 method of receiving the data sent from the client side as response data.
PAGE 73
Security Measures for Operation of the Web Server (Interstage HTTP Server) LoadModule rewrite_module libexec/mod_rewrite.so AddModule mod_rewrite.c ServerName virt.example.com ServerAdmin webmaster@virt.example.com RewriteEngine On RewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule .* - [F] ...
PAGE 74
Chapter 2: Security Measures Making all documents, except for “user3” and “user4”, under “user home directory/public_html” public. UserDir public_html UserDir disabled user3 user4 Notes: If just “UserDir public_html” is specified, when the "http://host name[:port number]/~user" request is received, the status code that is returned when the user name is specified as “user” depends on whether the user exists in the UNIX server. For this reason, the UNIX account name on the Web server might be discovered.
PAGE 75
Security Measures for Operation of the Web Server (InfoProvider Pro) Security Measures for Operation of the Web Server (InfoProvider Pro) The InfoProvider Pro can be used on the Windows(R) system or Solaris OE system. Notes on Permissions of Contents To prevent alteration by end users, it is recommended to set the proper permissions on the top-level directory to be made accessible and the directory that stores applications.
PAGE 76
Chapter 2: Security Measures Security Measures for the Servlet Service This section explains the following topics: • Notes on the Use of Sessions • Notes on Web Application Development • Notes on Deployment of Web Applications • Notes on the Root Directory of the Web Application • Notes on Communication Data Notes on the Use of Sessions Session information is embedded in cookies or URL parameters.
PAGE 77
Security Measures for the Servlet Service Notes on Communication Data Possible threats to communication between the Web server connector and Servlet container are as follows: • The Web server connector is impersonated to illegally access the Servlet container. • Communication data is viewed by unauthorized person. • Communication data is altered. It is recommended to use SSL communication for protection from these threats.
PAGE 78
Chapter 2: Security Measures Security Measures for the EJB Service This section gives an outline of security risks when the EJB service is used. EJB Service is required when the "EJB function" of J2EE applications is used. Web-J supports only the client function of the EJB service. Resources to be Protected This section describes the resources to be protected when the EJB service is used. Resources to be Protected The table below lists the resources that are used for EJB Service.
PAGE 79
Security Measures for the EJB Service Possible Threats to Resources The following countermeasures can defend EJB Service against security invasion.
PAGE 80
Chapter 2: Security Measures Selection of Specific Users By fixing the operators of the entire system to a pre-specified set of users, you can prevent tampering of information. Executing the security enhancement command, you can change the operation mode of EJB Service to the specific user authorization mode. For detailed information about the security enhancement command, refer to Environment Setup for Interstage Resources Protection in Appendix A.
PAGE 81
Security Measures for J2EE Deployment Tool Security Measures for J2EE Deployment Tool This topic explains the following topic: • Unauthorized Access to Resource Files Unauthorized Access to Resource Files The J2EE Deployment tool is used for deploying J2EE applications and making them usable. The J2EE applications to be deployed are saved in ear file, jar file, rar file, and war files. These files may be exposed to the threat of unauthorized access from an ill-intentioned person.
PAGE 82
Chapter 2: Security Measures Security Measures for the J2EE Resource Access Definition This section explains the following topic: • Leakage of Password Information Leakage of Password Information The J2EE resource access definition can hold definitions of access information for various resources used by J2EE applications. This access definition information is saved in a file, which includes password information. There is a possible threat that an ill-intentioned person may furtively read this file.
PAGE 83
Security Measures for Interstage JMS Security Measures for Interstage JMS Interstage JMS can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Plus Unauthorized Access to Resource Files Interstage JMS Server has environment definition files as listed below: • JNDI definition file (fjmsjndi.ser.*) (*1) • JMS non-volatilization file (fjmsmng.ser.*, fjmsdsubXXXX.ser, lock\.
PAGE 84
Chapter 2: Security Measures Security Measures for CORBA Service This section explains the following topics: • Unauthorized Access to Resource Files • Notes on Communication Data • Notes on the Port Number used by CORBA Service • Notes on Creation and Operation of Java Applets Unauthorized Access to Resource Files CORBA service has environment definition files as listed below: • • • • 2-18 CORBA Service − CORBA Service environment definition information file (config) (*1) − Host information
PAGE 85
Security Measures for CORBA Service These files may be exposed to the threat of unauthorized access from an ill-intentioned person. To protect these files from this threat, make these files inaccessible by end users. For this purpose, it is recommended to allow access only by users having administrator authorization (superuser for a Solaris OE/Linux system, and Administrator for Windows(R) system).
PAGE 86
Chapter 2: Security Measures Security Measures for Portable-ORB Portable-ORB can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus Unauthorized Access to Resource Files Portable-ORB service has environment definition files as listed below: • Portable-ORB environment definition file (config) (*1) • Host information file (initial_hosts) (*1) • Initial service file (initial_se
PAGE 87
Security Measures for Portable-ORB Notes on Creation and Operation of Java Applet Be careful about the following points when creating and operating a Java applet that uses Portable-ORB. About Authorization Settings If Java applets in operation are given more authorization than necessary, some malicious applets (including Javascript) may use it to cause problems on client machines, such as damaged files, leakage of data in files, leakage of individual user information, and so on.
PAGE 88
Chapter 2: Security Measures Security Measures for Event Service Event service can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus Unauthorized Access to Resource Files Event service has environment definition files as listed below: • Event Service configuration information (essystem.cfg) (*1) • Event channel operating environment (esgrpX.
PAGE 89
Security Measures for IJServer Operation Security Measures for IJServer Operation IJServer is an operating environment for JEEE applications. Unauthorized Access to Resource Files When IJServer is operated, the resource files for IJServer are stored in the ijserver directory under the J2EE common directory. These files may be subjected to unauthorized access by malicious persons or machines. To protect these files from such threats, access to the files from general users can be inhibited.
PAGE 90
Chapter 2: Security Measures Security Measures Concerning Operation of Smart Repository Smart Repository can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus About Operation Take the following measures to prevent incorrect use during operation.
PAGE 91
Security Measures for Fujitsu Enabler Security Measures for Fujitsu Enabler This section explains how to configure the security settings for the Fujitsu Enabler account. Account Used for Fujitsu Enabler Fujitsu Enabler is used for Smart Repository. For Fujitsu Enabler, an account "oms" is used for a special purpose. To prevent malicious access using the oms account, inhibit the local login with the oms account.
PAGE 92
Chapter 2: Security Measures Measures for Multi server Management This section explains the use of "roles" in Multi server Management. Security Role Settings When using Multi Server Management, it is important that the authority set for a user to log in to the Interstage Management Console is appropriate. This user authority is called a “role”. The executable operations vary according to the role authority.
PAGE 93
Measures for Configuration Manager Measures for Configuration Manager This section explains the security measures for the Configuration Manager. Illegal Access to Resource Files The Configuration Manager uses the following files. • Business configuration management function repository (Note 1) (Note 1) This is the folder that is set in “Repository Environment Settings” of the Interstage Management Console [Configuration Management] tab.
PAGE 94
Chapter 2: Security Measures 2-28
PAGE 95
Part II Authentication and Access Control
PAGE 96
PAGE 97
Chapter 3 Authentication and Access Control for the Interstage HTTP Server This chapter describes the authentication and access control that Interstage HTTP Server provides.
PAGE 98
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Types of Authentication There are three types of authentication, as shown below. • User authentication (Basic Authentication) • IP access control Note User authentication and IP access control can be used independently or together.
PAGE 99
Types of Authentication Remarks When SSL is used between the client and the server for user authentication, the user name and the password are encrypted, which makes them almost impossible to intercept or steal. IP Access Control IP access control limits accessing the resource on the Web server for each IP address of the equipment in the access source. Web server determines whether or not to permit access to the resource from the IP address of the machine that is attempting access.
PAGE 100
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Online Collation This function is used to control and store the user names, passwords and group information used in user authentication in the directory server. Web server uses the LDAP (Lightweight Directory Access Protocol) V3 to communicate with the directory server and collates the user name/password in the online operation.
PAGE 101
Setting the User Authentication Setting the User Authentication User authentication is set according to the following procedures. 1. Registering a user password 2. Editing the environment definition file Note When the online collation function is in use user authentication cannot be used. Registering a User Password Register a password for users to whom access permission is to be provided in the password file, by executing the htpasswd command after the command prompt.
PAGE 102
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Editing the Environment Definition File To allow the users whose password has been registered in the password file to access directories under a specified directory, use the following directives in the environment definition file (httpd.conf) of Interstage HTTP Server.
PAGE 103
Setting the User Authentication Relating Directives • AuthName • AuthType • AuthUserFile • • Require Relating Directives When user authentication is used, the following directives are related to settings of the environment definition file.
PAGE 104
Chapter 3: Authentication and Access Control for the Interstage HTTP Server AuthName Name AuthName Synopsis AuthName 'title' Description Specifies the title displayed on the authentication screen in the ASCII alphanumeric characters (1 byte characters). Context Directory Default Value None AuthType Name AuthType Synopsis AuthType Basic Description Specifies the type of authentication 'Basic'. Basic Sets basic authentication (the passwords are plain text).
PAGE 105
Setting the User Authentication AuthUserFile Name AuthUserFile Synopsis AuthUserFile file-name Description Specifies the name of the password file used for user authentication (the name of the text file that includes the list of users and their passwords). Context Directory Default Value None Module mod_auth Name Synopsis ...
PAGE 106
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Require Name Require Synopsis Require valid-user|user user-name|group group-name Description Specifies the rule to be applied for user authentication. valid-user Authenticates all valid users. When the online collation function is used, users registered with the directory server are allowed. user user-name Authenticates users specified by user-name.
PAGE 107
Setting the IP Access Control Setting the IP Access Control For IP access control, you can allow only specified hosts to make access to directories under a specified directory using the following directives in the environment definition file (httpd.conf) of Interstage HTTP Server. By doing this, any access from Web browsers that are on unspecified hosts are rejected. Example To allow a specified host '192.168.1.
PAGE 108
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Relating Directives When IP access control is used, the following directives are related to settings of the environment definition file.
PAGE 109
Setting the IP Access Control Description Specifies a host or network that is granted access to the directories. Specifying 'all' for the host entry allows all hosts to access the directories. Specifying the IP address of a host allows only that host to access the directories. Context Directory Default Value None Module mod_access Deny Name Deny Synopsis Deny from host|network[/mask] [host|network[/mask]] ... Description Specifies a host or network that is denied access to the directories.
PAGE 110
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Name Synopsis ... Description Specifies the directory section only when a directive is used within the specific directory and subdirectories of that directory. The directory name can be specified using a relative path, wild card (? indicates a specific character, * indicates a character string), and regular expressions.
PAGE 111
Setting the Online Collation Function Setting the Online Collation Function Set the operation of the online collation function according to the following procedure. The directory servers used when the online access management function is operated, are intended for the following services: • Smart Repository With the online collation function, operation with SSL enabled or disabled can be set between Interstage HTTP Server and the directory server.
PAGE 112
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Operation without Using SSL Configuration Procedure 1 This section explains the procedure for operating the online collation function without using the SSL between the Interstage HTTP Server and directory server. 1. Set up the environment of the directory server Set the directory server environment. Refer to Setting the Directory Server Environment for details of how to set the directory server environment. 2.
PAGE 113
Setting the Online Collation Function Configuration Procedure 3 (when Interstage HTTP Server and Smart Repository are on different systems) The following procedure is for operating the online collation function with SSL enabled between Interstage HTTP Server and the directory server; when Interstage HTTP Server and Smart Repository are on different systems. 1. Set up the environment of the directory server Set the directory server environment. An SSL environment must also be set on the directory server.
PAGE 114
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Setting the Directory Server Environment To use the online collation function, the environment of the directory server need be set up. The following operations are required for setting up the directory server environment: 1. Preparing the Directory Server 2. Creating Entries Preparing the Directory Server Prepare the directory server and generate a repository (DSA).
PAGE 115
Setting the Online Collation Function Example of User Entry Configuration Figure 3-4 Creating User Entry Creating Group Entry Create the group entry with the following groupOfNames object class. For the group entry, the following items must be set. Table 3-3 Group Entry Settings Item Description cn attribute Sets a name of a group to which the user performing online collation belongs. member attribute Sets a DN name of the user belonging to a group.
PAGE 116
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Example of Group Entry Figure 3-5 Group Entry Configuration Set the Interstage HTTP Server Environment Definition File Define the online collation function according to the mode of operation in the environment definition file (httpd.conf) for the Interstage HTTP Server. The method for setting the environment definition file for Interstage HTTP Server (httpd.
PAGE 117
Setting the Online Collation Function Setting 1: Operation without Using SSL Example Running the online collation function without using SSL, under the following settings: Directory server 'hostname' Port number '389' BindDN name used to access the directory server 'cn=manager,ou=interstage,o=fujitsu,dc=com' Name of the tree containing user information on the directory server 'ou=User,ou=interstage,o=fujitsu,dc=com' # Add the module (Delete the comment) LoadModule mod_ldap_module modules/mod_ldap.
PAGE 118
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Example Running the online collation function without using SSL, under the following settings: Directory server 'hostname' Port number '389' BindDN name used to access the directory server 'cn=manager,ou=interstage,o=fujitsu,dc=com' Name of the tree containing user information on the directory server 'ou=User,ou=interstage,o=fujitsu,dc=com' # Add the module (Delete the comment) LoadModule mod_ldap_module libexec/mod_ldap.
PAGE 119
Setting the Online Collation Function Setting 2: Operation Using the SSL (setting for using an Interstage certificate environment or for using SSL configured on Smart Repository) Example Running the online collation function without using SSL, under the following settings: Directory server 'hostname' Port number '636' BindDN name used to access the directory server 'cn=manager,ou=interstage,o=fujitsu,dc=com' Name of the tree containing user information on the directory server 'ou=User,ou=interstage,o=fujit
PAGE 120
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Example Running the online collation function without using SSL, under the following settings: Directory server 'hostname' Port number '636' BindDN name used to access the directory server 'cn=manager,ou=interstage,o=fujitsu,dc=com' Name of the tree containing user information on the directory server 'ou=User,ou=interstage,o=fujitsu,dc=com' User who registered to owner groups of Interstage certificate environment 'nobody' Group to
PAGE 121
Setting the Online Collation Function Setting 3: Operation Using the SSL (setting for using a certificate/key management environment configured with the SMEE commands) Example Running the online collation function using the SSL, under the following settings: Directory server 'hostname' Port number '636' BindDN name used to access the directory server 'cn=manager,ou=interstage,o=fujitsu,dc=com' Name of the tree containing user information on the directory server 'ou=User,ou=interstage,o=fujitsu,dc=com' Slot
PAGE 122
Chapter 3: Authentication and Access Control for the Interstage HTTP Server # Token label AuthLDAPTknLbl # User PIN file AuthLDAPTknPwd token01 userpin Example Running the online collation function using the SSL, under the following settings: Directory server 'hostname' Port number '636' BindDN name used to access the directory server 'cn=manager,ou=interstage,o=fujitsu,dc=com' Name of the tree containing user information on the directory server 'ou=User,ou=interstage,o=fujitsu,dc=com' Slot
PAGE 123
Setting the Online Collation Function # (389:optional value for not using SSL, 636:optional value for using SSL) AuthLDAPPort 636 # Name of the tree containing user information on the directory server AuthLDAPbasedn ou=User,ou=interstage,o=fujitsu,dc=com # Rule to be applied for LDAP authentication Require valid-user # Specify whether to enable SSL (off: disable, on: enable).
PAGE 124
Chapter 3: Authentication and Access Control for the Interstage HTTP Server • • Group • LoadModule • Require • User Relating Directives The following directives are related to settings of the environment definition file to use the online collation function.
PAGE 125
Setting the Online Collation Function Module Name of the module that implements the directive function. A directive with no module name indication is included in the basic module. Note Notes on the use of the directive Examples Directive example (included only for a directive which requires complicated setting). AddModule Name AddModule Synopsis AddModule module [module] ... Description Enables read modules or embedded modules.
PAGE 126
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Description Specifies the name of the tree that is storing information about users in the directory server using the DN name. When information about the users is stored in multiple directories, specify the name of a high-order DN which is inclusive of all the user information storing directories. The directory specified in BaseDN is handled as the top directory from which a search is made for information about the users.
PAGE 127
Setting the Online Collation Function AuthLDAPBindPassword Name AuthLDAPBindPassword Synopsis AuthLDAPBindPassword BindPassword Description When some BindDN name has been specified by the AuthLDAPBindDN directive, specify the password for the BindDN name. When making anonymous access, omit this directive. BindPassword Use ASCII characters (1-byte characters: 0 to 9, A to Z, and a to z). Up to 128 bytes are allowed.
PAGE 128
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Module mod_ldap AuthLDAPEnabled Name AuthLDAPEnabled Synopsis AuthLDAPEnabled on|off Description Specifies whether to apply LDAP authentication. on Applies LDAP authentication. off Does not apply LDAP authentication. Context Directory Default Value on Module mod_ldap AuthLDAPHost Name AuthLDAPHost Synopsis AuthLDAPHost Host-name Description Specifies the host name including the domain name of a directory server or the IP address.
PAGE 129
Setting the Online Collation Function Default Value localhost Module mod_ldap AuthLDAPPort Name AuthLDAPPort Synopsis AuthLDAPPort Port-number Description Specifies the port number of the directory server.
PAGE 130
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Description Specifies whether to use SSL for the operation of the online collation function. on SSL is used. off SSL is not used. Context Directory Default Value off Module mod_ldap AuthLDAPSlotPath Name AuthLDAPSlotPath Synopsis AuthLDAPSlotPath slot-information-directory-name Description Uses the absolute path to specify the slot information directory specified when the private-key control environment was created.
PAGE 131
Setting the Online Collation Function AuthLDAPTknLbl Name AuthLDAPTknLbl Synopsis AuthLDAPTknLbl token-label Description Specifies the token label specified when the private-key was created. Context Directory Default Value None Module mod_ldap AuthLDAPTknPwd Name AuthLDAPTknPwd Synopsis AuthLDAPTknPwd user-PIN Description Specifies the user PIN specified when the private-key was created.
PAGE 132
Chapter 3: Authentication and Access Control for the Interstage HTTP Server AuthName Name AuthName Synopsis AuthName 'title' Description Specifies the title displayed on the authentication screen in the ASCII alphanumeric characters (1 byte characters). Context Directory Default value None AuthType Name AuthType Synopsis AuthType Basic Description Specifies the type of authentication 'Basic'. Basic Sets basic authentication (the passwords are plain text).
PAGE 133
Setting the Online Collation Function Name Synopsis ... Description Specifies the directory section only when a directive is used within the specific directory and subdirectories of that directory. The directory name can be specified using a relative path, wild card (? indicates a specific character, * indicates a character string), and regular expressions.
PAGE 134
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Default Value None #-1 Note Group ID operates as 4294967295 when '#-1' is specified. Initial Value Group nobody Group "#-1" LoadModule Name LoadModule Synopsis LoadModule module-name file-name Description Reads a module. Specify the file name of a module using the absolute path or the relative path from the ServerRoot directive.
PAGE 135
Setting the Online Collation Function Module mod_so Require Name Require Synopsis Require valid-user|user user-name|group group-name Description Specifies the rule to be applied for user authentication. valid-user Authenticates all valid users. When the online collation function is used, users registered with the directory server are allowed. user user-name Authenticates users specified by user-name. When the online collation function is used, the uid attribute of the user is specified as the username.
PAGE 136
Chapter 3: Authentication and Access Control for the Interstage HTTP Server Examples To authenticate a user 'taro': Require user taro To allow authentication of a user belonging to the group entry with the cn attribute 'ihsgroup' when the online collation function is used: Require group cn=ihsgroup,ou=User,ou=interstage,o=fujitsu,dc=com ServerRoot Name ServerRoot Synopsis ServerRoot directory-path Description Sets the root directory path in which the server lives.
PAGE 137
Setting the Online Collation Function User Name User Synopsis User userID Description Specifies the name of the user who executes the server process. For the user ID, the user name can be specified, or the user ID (numeric value) can be specified following a number sign (#).
PAGE 138
Chapter 3: Authentication and Access Control for the Interstage HTTP Server 3-42
PAGE 139
Part III Firewall and Proxy Server
PAGE 140
PAGE 141
Chapter 4 HTTP Tunneling This chapter describes HTTP Tunneling.
PAGE 142
Chapter 4: HTTP Tunneling HTTP Data Communication Using HTTP Tunneling In HTTP tunneling, data communication using the HTTP protocol can be conducted by converting data communication with the IIOP protocol used usually in CORBA applications into HTTP data. This is a useful function when you want to establish client-server linkage beyond the firewall.
PAGE 143
HTTP Data Communication Using HTTP Tunneling Developing the CORBA Application When HTTP tunneling is used by a CORBA application, the ordinary CORBA application can be used intact. The application need not be recreated (including re-linkage) to use the HTTP tunneling function. Constructing the HTTP Tunneling Environment (Constructing the HTTP Gateway Environment) To perform data communication by the CORBA application through HTTP, the HTTP gateway environment must be constructed in the Web server.
PAGE 144
Chapter 4: HTTP Tunneling HTTP Tunneling Setup This section describes the procedure for setting the environment when using the HTTP tunneling in the CORBA application linkage. Overview This section describes the procedures for setting up the environment when HTTP tunneling is used. Set up the environment for the Web server. HTTP tunneling can be used by specifying the parameter when client applications are started.
PAGE 145
HTTP Tunneling Setup (1) Using Interstage HTTP Server Copy the following file (the installation path is the default) to the modules directory of the Interstage HTTP Server: C:\Interstage\ODWIN\bin\httpgw\ODhttpAp.dll Copy the following file (the installation path is the default) to the libexec directory of the Interstage HTTP Server. /opt/FSUNod/lib/libOMhttpAp.
PAGE 146
Chapter 4: HTTP Tunneling Notes • When the Web server is Interstage HTTP Server, messages od40001 and od40002 are not output. (2) Using InfoProvider Pro Copy the following files to the CGI directory in the InfoProvider Pro. Example If the CGI directory in the InfoProvider Pro is C:\wwwhome\cgi-bin copy “C:\Interstage\ODWIN\bin\httpgw\ODhttp.dll” C:\wwwhome\cgi-bin Copy the following files to the CGI directory in the InfoProvider Pro. /opt/FSUNod/lib/libOMhttp.
PAGE 147
HTTP Tunneling Setup For IIS 6.0: 1. Select [Control Panel] > [Administrative Tools] > [Internet Information Services (IIS) Manager] to start Internet Information Services (IIS) Manager. 2. Click the icon for the local computer, and then select the target Web site from Web Sites. 3. Click [Operation] > [Create New] > [Virtual Directory]. 4. On the virtual directory creation wizard, click [Next]. 5. Enter an alias name (e.g., cgi-bin) in the Alias field, and then click [Next]. 6.
PAGE 148
Chapter 4: HTTP Tunneling Setting up HTTP Tunneling In order to use HTTP tunneling, specify the parameters in Table 4-1 for the CORBA_ORB_init function called by a client application. Application other than Java applet Specify as a parameter when starting the application.
PAGE 149
HTTP Tunneling Setup Parameter Name Meaning Specify the cgi ID if Web Server is used. If using Internet Information Services, specify the alias of the virtual directory. gateway-name: Specify Odhttp.dll (HTTP-IIOP gateway) Specify libOMhttp.so (HTTP-IIOP gateway) *1) If yes is specified, the HTTP tunneling function is valid if the value of argc.argv posted by the parameter in CORBA_ORB_init() is specified.
PAGE 150
Chapter 4: HTTP Tunneling Application Other than the Java Applet Specify the parameter in the following way when a client application (sample_c) is started: (1) For Interstage HTTP Server sample_c -ORB_FJ_HTTP yes -ORB_FJ_SSL yes -ORB_FJ_HTTPGW http://host.com/od-httpgw (2) For other than Interstage HTTP Server sample_c –ORB_FJ_HTTP yes -ORB_FJ_HTTPGW http://host.com/cgi-bm/Odhttp.dll sample_c –ORB_FJ_HTTP yes -ORB_FJ_HTTPGW http://host.com/cgi-bm/libOMhttp.
PAGE 151
HTTP Tunneling Setup
(2) For other than Interstage HTTP Server Java sample Applet Java sample Applet
PAGE 152
Chapter 4: HTTP Tunneling

(2) For other than Interstage HTTP Server Java sample Applet Java sample Applet
PAGE 153
HTTP Tunneling Setup Setting to be Made When an HTTP Proxy Server is to be Used When performing HTTP tunneling through an HTTP proxy server in the pre-installation type run-time (in an execution environment other than Portable-ORB), it is necessary to set the following in the config file of the CORBA server. http_proxy_use: Specify whether to use HTTP tunneling (yes/no) http_proxy: Specify the HTTP proxy server host name. http_proxy_port: Specify the HTTP proxy server port number.
PAGE 154
Chapter 4: HTTP Tunneling 4-14
PAGE 155
Chapter 5 HTTP Tunneling of J2EE This chapter describes the HTTP Tunneling of J2EE.
PAGE 156
Chapter 5: HTTP Tunneling of J2EE Use of HTTP Tunneling in J2EE Application Client To use HTTP tunneling with a J2EE application client, specify a gateway for processing HTTP tunneling using HTTPGW of the JNDI environment property. The environment property specifies the gateway using either of the following methods. 1. The FJjndi.properties file The FJjndi.
PAGE 157
Use of HTTP Tunneling in J2EE Application Client The environment property in which the gateway is specified is shown in Table 5-1. Table 5-1 Environment Property Environment Property Meaning HTTPGW Specifies the gateway that processes HTTP tunneling. If it is omitted, tunneling is not used.
PAGE 158
Chapter 5: HTTP Tunneling of J2EE (1) For Interstage HTTP Server http://ipv4address_host-name/url-name http://ipv4address_host-name:Port_number/url-name https://ipv4address_host-name/url-name https://ipv4address_host-name:Port_number/url-name (2) For other than Interstage HTTP Server http://IPv4-address-host-name/cgi-identification-name/gateway-name http://IPv4-address-host-name:Port_number/cgi-identificationname/gateway-name http://[IPv6-address]/cgi-identification-name/gateway-name http://[IPv6-address]
PAGE 159
Method for Using HTTP Tunneling with IJServer (Contains Web Applications Only) Method for Using HTTP Tunneling with IJServer (Contains Web Applications Only) HTTP tunneling can be used with IJServer only when IJServer is ‘Web Applications Only’ type. To use HTTP tunneling with web applications, HTTP tunneling parameters must be passed to the CORBA_ORB_init() function.
PAGE 160
Chapter 5: HTTP Tunneling of J2EE Method for Using HTTP Tunneling with Java Applets When Java applets start, HTTP tunneling is specified with parameters of the tags in HTML. For information about the parameters to be specified, refer to HTTP Tunneling Parameters in Setting Up HTTP Tunneling in Chapter 4. An example is shown below. (1) For Interstage HTTP Server. (The items in bold text are the settings for the parameters.) PAGE 161
Chapter 6 Linkage of the Proxy This chapter describes the linkage of the Proxy.
PAGE 162
Chapter 6: Linkage of the Proxy Linkage of the Proxy and SOAP Service SOAP service can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus. In the Interstage SOAP service, linkages between Web services through a proxy are possible. For details, refer to the following parts in the SOAP Service User's Guide depending on the application to be created.
PAGE 163
Part IV Authentication and Encrypted Communications through Support for SSL This part of the manual explains how to perform encryption communication using SSL. Encryption and signature handling require environments for controlling certificates and private keys to be configured. Interstage uses three different environments described below for those purposes. Select an environment that is suitable for the services you use and your usage situation.
PAGE 164
Table 7-1 shows which service can support which environment.
PAGE 165
Chapter 7 Setting and Use of the Interstage Certificate Environment This chapter explains what is required for signature and encryption processing for SSL, and explains the required processing settings. This chapter describes a case in which the Interstage certificate environment is used. Note To use the Interstage certificate environment, you need to have the Interstage Management Console installed.
PAGE 166
Chapter 7: Setting and Use of the Interstage Certificate Environment Certificates and Private Keys This section explains certificates and private keys. What are the Certificates and the Private Keys? The CA (certification authority) certificate, site certificate, and corresponding private key are required for signature and encryption processing such as for SSL communication. A certificate revocation list (CRL) is also used to check the validity of a certificate. A certificate and CRL that conform to X.
PAGE 167
Certificates and Private Keys Table 7-2 shows the situations in which certificates including UTF-8 cannot be used. If a certificate including UTF-8 cannot be used, use a certificate that does not include UTF-8.
PAGE 168
Chapter 7: Setting and Use of the Interstage Certificate Environment CA (Certification Authority) The CA (Certification Authority) is required to obtain a certificate. The Interstage Certificate Environment supports "Secure Site" certificates issued by the VeriSign Inc. Certification Authority. reference Certificates issued by certification authorities other than those listed above are considered to be granted on the condition that they conform to X.509 or RFC2459.
PAGE 169
Configuring Environments Configuring Environments The Interstage Certificate Environment is an environment in which certificates, private keys, and CRLs are managed. The Interstage Certificate Environment is configured and updated using commands and referenced using the Interstage Management Console. This section describes how to configure the Interstage certificate environment.
PAGE 170
Chapter 7: Setting and Use of the Interstage Certificate Environment Using PKCS#12 Data Use PKCS#12 data when a private Certification Authority is configured for a large-scale user and certificates are batch-issued. Configure the environment using the following steps: 1. Create an Interstage certificate environment owner group. Refer to Setting up Access Permissions in the Interstage Certificate Environment 2. Configure the Interstage certificate environment.
PAGE 171
Configuring Environments Note • Execute the commands as a superuser. • For effective users to be registered in the Interstage certificate environment, if SSL is used on Interstage HTTP Server, you need to set users who have been specified in the User directive of the Interstage HTTP Server environment definition file (httpd.conf). The initial user value specified in the User directive is "nobody.
PAGE 172
Chapter 7: Setting and Use of the Interstage Certificate Environment Configuring the Interstage Certificate Environment with CSR This section describes how to configure the Interstage certificate environment using a CSR (Certificate Signing Request). Create an Interstage certificate environment using the following steps: 1. Configure the Interstage certificate environment and create a CSR (Certificate Signing Request). 2. Request a certificate. 3. Register the certificates and CRLs.
PAGE 173
Configuring the Interstage Certificate Environment with CSR Configuring an Interstage Certificate Environment and Creating a Certificate Signing Request (CSR) A certificate must be obtained to perform signature and encryption processing such as for SSL. For this purpose, it is necessary to create a certificate signing request (CSR) that is the data used to request the CA to issue a certificate. When a CSR is created, an Interstage Certificate Environment is also created if it does not exist.
PAGE 174
Chapter 7: Setting and Use of the Interstage Certificate Environment The services listed below are concerned: − Interstage SOAP Service − Smart Repository (If using SSL is defined in the Replication Connection Settings in master of replication mode) − CORBA Service (client-sided setting when SSL linkage is in use, if client authentication is not to be performed) − Servlet Service (SSL communication setting on the Web server connector side when Web server and WorkUnit are not on the same machine) −
PAGE 175
Configuring the Interstage Certificate Environment with CSR Registering the CA Certificate Register the obtained CA certificate. An example of registration is shown below. scsenter -n CA -f C:\my_folder\CA.der scsenter -n CA -f /usr/home/my_dir/CA.der The CA certificate can be referenced by selecting [System] > [Security] > [Certificates] > [CA certificates] from the Interstage Management Console.
PAGE 176
Chapter 7: Setting and Use of the Interstage Certificate Environment Registering the Certificate of Another Reliable Site Register the certificate of another reliable site. An example of registration is shown below. scsenter -n OtherSiteCert -f C:\my_folder\OtherSiteCert.der -e scsenter -n OtherSiteCert -f /usr/home/my_dir/OtherSiteCert.
PAGE 177
Configuring the Interstage Certificate Environment with PKCS#12 Configuring the Interstage Certificate Environment with PKCS#12 This section describes how to configure the Interstage certificate environment using PKCS#12 data. Create an Interstage certificate environment using the following steps: 1. Configuring the Interstage certificate environment 2.
PAGE 178
Chapter 7: Setting and Use of the Interstage Certificate Environment Registering PKCS#12 Data, Certificates, and CRLs Register the PKCS#12 data, certificate, and CRL obtained from the Certification Authority in the Interstage certificate environment. Note Importing the PKCS#12 data registers the site certificate, private key corresponding to it, and the Certification Authority certificate in the Interstage certificate environment.
PAGE 179
Configuring the Interstage Certificate Environment with PKCS#12 Importing the PKCS#12 data Import the site certificate and private key delivered using PKCS#12 data into the Interstage certificate environment. An example of registration is shown below. scsimppfx -f C:\my_folder\MyCert.p12 scsimppfx -f /usr/home/my_dir/MyCert.p12 The site certificate can be referenced by selecting [System] > [Security] > [Certificates] > [Site certificates] from the Interstage Management Console.
PAGE 180
Chapter 7: Setting and Use of the Interstage Certificate Environment Registering a CRL Register the obtained CRL. An example of registration is shown below. scsenter -c -f C:\my_folder\CRL.der scsenter -c -f /usr/home/my_dir/CRL.der Note The SOAP client and Servlet Service (container) do not reference CRL to check for revocation.
PAGE 181
Configuring Certificate Settings Configuring Certificate Settings After configuring the Interstage certificate environment, you need to make the settings for users of the certificate. This section describes how to do this. 1. Defining the use of certificates. 2. Setting up various service environments.
PAGE 182
Chapter 7: Setting and Use of the Interstage Certificate Environment • CORBA Service [System] > [Environment setup] tab > [Detail setting] > [CORBA service detail setting] window. To use SSL on a CORBA WorkUnit, you need to set up SSL on the CORBA WorkUnit setup screen.
PAGE 183
Certificate Management Certificate Management After system operation begins, certificates, private keys, and CRLs must be correctly managed. The commands shown in Table 7-3 are provided for certificate management: Table 7-3 Certificate Management Commands Command Function scsmakeenv Configures or modifies the Interstage certificate environment.
PAGE 184
Chapter 7: Setting and Use of the Interstage Certificate Environment If a New Certificate and CRL are Obtained If a new certificate is issued or a new CRL is obtained due to an increase in certificate usage after system operation begins, use the scsenter command to register the certificate or CRL in the Interstage Certificate Environment.
PAGE 185
Chapter 8 Setting and Use of the Certificate/Key Management Environment Using the SMEE Command This chapter describes the requirements for SSL communication and the required settings. It describes where to use a certificate/key management environment using the SMEE commands. To use a certificate/key management environment, you need to install the secure communication services (FJSVsmee, FJSVsclr, and FSUNssll).
PAGE 186
Chapter 8: Setting and Use of the Certificate/Key Management Environment Using the SMEE Command SSL Libraries Used with the Certificate/Key Management Environment This section explains the following topics: • Types of SMEE Libraries • Certificate/Key Management Environment • Environment Setting for Certificate/Key Management Environment • Operating the Client Certificate • Resource Registration • Management of a Certificate/Key Management Environment Types of SMEE Libraries With Interstage Appl
PAGE 187
SSL Libraries Used with the Certificate/Key Management Environment SSL Library SMEE2 SMEE3 CORBA Service X O Certificate/Key Management Environment The following explains the certificate/key management environment, which is the operation environment when SSL (Secure Socket Layer) is used. Certificate and Private Key To use SSL, the CA (Certification Authorities) certificate, site certificate, and corresponding private key are required.
PAGE 188
Chapter 8: Setting and Use of the Certificate/Key Management Environment Using the SMEE Command In addition, you can import PKCS#12 data exported from the Certificate/Key Management Environment into the following environments: • Interstage certificate environment (by means of the scsimppfx command) • Certificate/key management environment created with the SMEE command (by means of the cmentpfx command) CA (Certification Authority) The CA (Certification Authority) is required to create a certificate.
PAGE 189
SSL Libraries Used with the Certificate/Key Management Environment Figure 8-2 Relationship between Slot, Token and Private Key The slot password is needed for operations processing slot information, and the SO-PIN or user PIN is needed for operations processing token information. These passwords and PINs are set when the slot is generated or when the token is generated, respectively. The SO-PIN is set and is not used in normal operation.
PAGE 190
Chapter 8: Setting and Use of the Certificate/Key Management Environment Using the SMEE Command 3. Register the certificate and CRL. − Register the certificate of the CA. − Register the site certificate. − Register the CRL. For details of each command used hereafter, refer to the Reference Manual (Command Edition).
PAGE 191
SSL Libraries Used with the Certificate/Key Management Environment Creating a Certificate/Key Management Environment Create a certificate/key management environment, which is the operation environment when using SSL. Creating Management Directories Four directories are required for the certificate/key management environment. Create the four directories using the commands provided by the operating system.
PAGE 192
Chapter 8: Setting and Use of the Certificate/Key Management Environment Using the SMEE Command mkslt -sd d:\sslenv\slot #Generation and initialization of slot information directory mktkn -sd d:\sslenv\slot -sn 1 -tl Token01 #Initial token settings mkslt -sd /export/home/slot #Generation and initialization of slot information directory mktkn -sd /export/home/slot -sn 1 -tl Token01 #Initial token settings Creating a Certificate Management Environment Create and set up the certificate management environmen
PAGE 193
SSL Libraries Used with the Certificate/Key Management Environment Creating a Private Key and Acquiring a Certificate Make a request to issue a certificate to the CA and acquire it. Creating a CSR (At the Same Time Creating a Private Key) Create a CSR to request the CA to issue a certificate. Executing the following commands creates a private key at the same time. Note To secure the private key, keep a backup of the certificate/key management environment file until the certificate is obtained.
PAGE 194
Chapter 8: Setting and Use of the Certificate/Key Management Environment Using the SMEE Command Registering the Certificate and CRL Register the obtained certificate and CRL in the certificate management environment. After registering the certificate and CRL, make a backup of the certificate/key management environment. For details on how to make a backup, see the description of making a backup of data related to each service in Operator's Guide or "Resource Registration", "1.
PAGE 195
SSL Libraries Used with the Certificate/Key Management Environment The example below assumes the site certificate is contained in /export/home/my_site_cert.der file. # cmentcert /export/home/my_site_cert.der -ed /export/home/sslcert -own -nn MySiteCert Note For the CORBA service, if you do not authenticate clients, you do not have to register site certificates on CORBA clients. Registering CRL Register the CRL in the certificate management environment.
PAGE 196
Chapter 8: Setting and Use of the Certificate/Key Management Environment Using the SMEE Command Obtaining the Client Certificate To obtain a client certificate, ask the Certification Authority to issue the certificate. The client certificates that Web Server can use are those issued by VeriSign Inc. For issuance of client certificates by VeriSign Inc., refer to the companies listed in Figure 8-3.
PAGE 197
SSL Libraries Used with the Certificate/Key Management Environment The following shows the procedure for migration: 1. Search for existing resources (private key and certificates). 2. Create a certificate/key management environment. 3. Register resources searched for in 1 in the environment created in 2. 4. Register the user PIN. For command details, refer to the Reference Manual (Command Edition). 1. Search for Existing Resources (Private Key and Certificates).
PAGE 198
Chapter 8: Setting and Use of the Certificate/Key Management Environment Using the SMEE Command The example below assumes the newly created Certificate/Key Management Environment is d:\sslnewenv\sslcert. # cmentpfx /entdir/my_site_pfx.pfx -ed /export/home/new/sslcert -sn 1 -nn MyNewSiteCert -entca When registering the pfx data, specify "-entca" because the CA certificate is contained in the pfx data.
PAGE 199
SSL Libraries Used with the Certificate/Key Management Environment Management of a Certificate/Key Management Environment Because each user certificate has an expiry date, re-acquisition and re-registration of certificates are needed. The commands shown in Table 8-3 are therefore provided for managing certificates: Table 8-3 Commands for Managing Certificates Command Description cmlistcert Displays a list of certificates registered with the certificate/key management environment.
PAGE 200
Chapter 8: Setting and Use of the Certificate/Key Management Environment Using the SMEE Command 8-16
PAGE 201
Chapter 9 How to Use SSL with Interstage HTTP Server This chapter explains how to use the SSL for the Interstage HTTP Server. The Interstage HTTP Server can use the following two environments for managing the certificates and private keys required for encryption and signature processing: • Interstage certificate environment • Certificate/key management environment configured with the SMEE command Set either of the above SSL environments according to the operation type.
PAGE 202
Chapter 9: How to Use SSL with Interstage HTTP Server Setting SSL for Interstage Certificate Environments To use SSL for an Interstage certificate environment on the Interstage HTTP Server, configure the Interstage certificate environment, and then set an SSL environment using the Interstage management console. For more information, refer to Chapter 7, Setting and Use of the Interstage Certificate Environment.
PAGE 203
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands On the Interstage HTTP Server, to use SSL for a certificate/key management environment configured with the SMEE commands, follow the procedure below to set an SSL environment: 1. Create a certificate/key management environment.
PAGE 204
Chapter 9: How to Use SSL with Interstage HTTP Server Example When the user PIN (dialog input) is encrypted and registered to the user PIN management file "d:\ssl\upinfile". ihsregistupin -f d:\ssl\upinfile -d d:\sslenv\slot Example When the user PIN (dialog input) is encrypted and registered to the user PIN management file "/home/ssl/upinfile".
PAGE 205
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands ServerName main.example.com # Using SSL SSLExec on # SSL protocol version SSLVersion 2-3 # Level of client certification (Specify “none” when operating it without the client attestation.
PAGE 206
Chapter 9: How to Use SSL with Interstage HTTP Server # Server name ServerName main.example.com # User of creating a certificate/key management environment is set User user1 # Group of creating a certificate/key management environment is set Group group1 # Using SSL SSLExec on # SSL protocol version SSLVersion 2-3 # Level of client certification (Specify “none” when operating it without the client attestation.
PAGE 207
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands # Slot information directory SSLSlotDir d:/ssl/slotdir # Token label SSLTokenLabel secret_key_tok # User PIN file SSLUserPINFile d:/ssl/upinfile # # Virtual host not using SSL (Port number: 80) # # Sets up a virtual host # Host name ServerName main.example.
PAGE 208
Chapter 9: How to Use SSL with Interstage HTTP Server SSLVersion 2-3 # Level of client certification SSLVerifyClient require # Operation control directory SSLEnvDir d:/ssl/envdir # Nickname of the site certificate SSLCertName cert_for_manager # Nickname of the client CA certificate SSLClCACertName CACert_InfoCA # Method of encryption SSLCipherSuite RC4-MD5:RC2-MD5:EXP-RC4-MD5:RSA-RC4-MD5:RSA-RC4-SHA:RSA-EXPORT-RC4-MD5 # Create access log files CustomLog "|ihsrlog –s logs/accesslog_secure2 1 5" common # Cre
PAGE 209
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands # # Virtual host not using SSL (Port number: 80) # # Sets up a virtual host # Host name ServerName main.example.com # Root directory open to the public DocumentRoot /home/www/public # # Virtual host using SSL (Port number:443) # # Sets up a virtual host # Host name ServerName main.example.
PAGE 210
Chapter 9: How to Use SSL with Interstage HTTP Server # Nickname of the site certificate SSLCertName cert_for_manager # Nickname of the client CA certificate SSLClCACertName CACert_InfoCA # Method of encryption SSLCipherSuite RC4-MD5:RC2-MD5:EXP-RC4-MD5:RSA-RC4-MD5:RSA-RC4-SHA:RSA-EXPORT-RC4-MD5 # Create access log files CustomLog "|/opt/FJSVihs/bin/ihsrlog –s /var/opt/FJSVihs/logs/accesslog_secure2 1 5" common # Create error log files ErrorLog "|/opt/FJSVihs/bin/ihsrlog -s /var/opt/FJSVihs/logs/errorlog_s
PAGE 211
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands Relating Directives The following directives are related to the setup of the environment definition file needed to use SSL. The description includes the following: Name Directive name Synopsis Directive format Description Functional overview of the directive Context Directive-set location indicated with one of the following keywords: Global context Setting used for action of the entire Web server.
PAGE 212
Chapter 9: How to Use SSL with Interstage HTTP Server AddModule Name AddModule Synopsis AddModule module [module] ... Description Enables read modules or embedded modules. Context Global context Default value None Alias Name Alias Synopsis Alias URL-path file-path|directory-path Description Specifies a directory to be handled as a virtual directory. Documents provided can be stored in directories other than the directory specified with the DocumentRoot directive.
PAGE 213
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands CustomLog Name CustomLog Synopsis CustomLog “|ihsrlog-command-execution-statement”|log-file-name nickname [env=[!]environment-variable] Description Creates access log files. ihsrlog-command-execution-statement Specifies the ihsrlog command execution statement. log-file-name Specifies the name of the file to which access log messages are to be output.
PAGE 214
Chapter 9: How to Use SSL with Interstage HTTP Server Initial value CustomLog "|ihsrlog -s logs/accesslog 1 5" common CustomLog "|/opt/FJSVihs/bin/ihsrlog –s /var/opt/FJSVihs/logs/accesslog 1 5" common Module mod_log_config DocumentRoot Name DocumentRoot Synopsis DocumentRoot directory-path Description The directory that httpd provides the file is set.
PAGE 215
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands Example Accesses "/usr/web/index.html" when specifying, "http://www.my.host.com/index.html" from a Web browser. DocumentRoot “/usr/web” ErrorLog Name ErrorLog Synopsis ErrorLog “|ihsrlog-command-execution-statement”|log-file-name Description Creates error log files. ihsrlog command execution statement Specifies the ihsrlog command execution statement.
PAGE 216
Chapter 9: How to Use SSL with Interstage HTTP Server ErrorLog "|/opt/FJSVihs/bin/ihsrlog -s /var/opt/FJSVihs/logs/errorlog 1 5" Group Name Group Synopsis Group groupID Description Specifies the name of the group to use when a server process is executed. For the group ID, the group name can be specified, or the group ID (numeric value) can be specified following a number sign (#) .
PAGE 217
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands Listen Name Listen Synopsis Listen [IP-address:]port Description Specifies the port numbers or IP addresses of the multiple ports that receive the connection requests from clients. Normally, ports or addresses are specified in the Port directive, but in this directive, multiple port numbers as well as IP addresses can be specified.
PAGE 218
Chapter 9: How to Use SSL with Interstage HTTP Server %l Personal information of a user returned from a client %{Cookie}n Client IP address and a value of cookie %r The first line of a request %s A status code for a request %t Time and date when a request was made %T Duration (seconds) from the acceptance of a request from the client to completion of processing %u Name of a user sent from a client %U A path of the requested URL For nickname, a nickname for the set format is specified.
PAGE 219
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands Port Name Port Synopsis Port port-number Description The network port number is set when the server starts. It is possible to specify it from 1 to 65535. Context Global context Default value 80 Note If possible, avoid using port numbers 1-1023 of Well Known ports when specifying a port number other than 80 (HTTP) or 443 (HTTPS). This ensures that you do not specify a port number that is already in use.
PAGE 220
Chapter 9: How to Use SSL with Interstage HTTP Server Initial value ScriptAlias /cgi-bin/ "C:/Interstage/F3FMihs/cgi-bin/" ScriptAlias /cgi-bin/ "/opt/FJSVihs/cgi-bin/" Module mod_alias ServerAdmin Name ServerAdmin Synopsis ServerAdmin email-address Description Specifies the server administrator e-mail address the server puts in error messages sent to clients.
PAGE 221
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands Context Global context, Virtual host Default value none ServerRoot Name ServerRoot Synopsis ServerRoot directory-path Description Sets the root directory path in which the server lives. Relative paths for setting files are based on the directory set in this directive. Normally, conf/ and logs/ are placed under this directory as subdirectories. Be sure to set this directive.
PAGE 222
Chapter 9: How to Use SSL with Interstage HTTP Server SetEnvIf Name SetEnvIf Synopsis SetEnvIf attribute attribute-value environment-variable[=value] Description Set an environment variable when attributes in a request header from a client match with specified attribute values. As attributes, the HTTP request header information shown below must be specified. Regular expressions can be used for attribute values.
PAGE 223
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands Synopsis SSLCertName nickname Description Specifies the nickname of a site certificate registered in the certificate and CRL control environment, in up to 128 characters. Only one SSLCertName directive can be defined for each host.
PAGE 224
Chapter 9: How to Use SSL with Interstage HTTP Server SSLCipherSuite Name SSLCipherSuite Synopsis SSLCipherSuite encryption-method Description Specify the methods of encryption in descending order of priority. Use colons (:) as delimiters. When the Version 2.0 SSL protocol is used (if 2 or 2-3 is specified for the SSLVersion directive), the following values can be specified.
PAGE 225
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands Point The encryption types shown in the encryption method item ("SSL_TXT_XXX") supported by Interstage Application Server are: • Public-key encryption method: RSA • Private-key encryption method: DES, 3DES (triple DES), RC4, RC2 (NULL means no encryption.) • Private-key processing mode: CBC, EDE (the numerical value shows the block length.
PAGE 226
Chapter 9: How to Use SSL with Interstage HTTP Server SSLEnvDir Name SSLEnvDir Synopsis SSLEnvDir operation-control-directory-name Description Specifies the operation control directory used for SSL along with the absolute path. Only one SSLEnvDir directive can be defined for each host. Context Global context, Virtual host Default value none Module mod_ihs_ssl SSLExec Name SSLExec Synopsis SSLExec [on|off] Description Specifies whether SSL is used. Only one SSLExec directive can be defined for each host.
PAGE 227
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands Default value off Module mod_ihs_ssl SSLSlotDir Name SSLSlotDir Synopsis SSLSlotDir slot-information-directory Description Specifies the slot information directory for the private key control environment along with the absolute path. Only one SSLSlotDir directive can be defined for the basic area of the environment definition file (httpd.conf).
PAGE 228
Chapter 9: How to Use SSL with Interstage HTTP Server Context Global context Default value none Module mod_ihs_ssl SSLUserPINFile Name SSLUserPINFile Synopsis SSLUserPINFile user-PIN-file-name Description Specifies a user PIN file along with the absolute path. Only one SSLUserPINFile directive can be defined for the basic area of the environment definition file (httpd.conf). For information on creating a user PIN file, see ihsregistupin in the Reference Manual (Command Edition).
PAGE 229
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands SSLVerifyClient Name SSLVerifyClient Synopsis SSLVerifyClient [none|optional|require] Description Specifies the level of client certification when using SSL protocol version 3.0. Only one SSLVerifyClient directive can be defined for each host. none Does not verify a client certificate. optional Verifies a client certificate. When a client does not provide the client certificate, the processing continues.
PAGE 230
Chapter 9: How to Use SSL with Interstage HTTP Server SSLVersion Name SSLVersion Synopsis SSLVersion [2|3|2-3] Description Specifies the version of SSL protocol to be used. Only one SSLVersion directive can be defined for each host. 2 Uses SSL protocol version 2.0. 3 Uses SSL protocol version 3.0. 2-3 When SSL protocol version 3.0 can be used for communication with a client, the protocol is used. Otherwise, SSL protocol version 2.0 is used.
PAGE 231
Setting SSL for Certificate/Key Management Environments Configured with the SMEE Commands User Name User Synopsis User userID Description Specifies the name of the user who executes the server process. For the user ID, the user name can be specified, or the user ID (numeric value) can be specified following a number sign (#).
PAGE 232
Chapter 9: How to Use SSL with Interstage HTTP Server Name Synopsis address[:port]> ... Description Sets up a virtual host. The following are specified for the address. • The IP address of the virtual host • A fully qualified domain name for the IP address of the virtual host. When the address is not specified, a special name "< VirtualHost _default_>" can be specified. The port number that a virtual host uses is specified for the port.
PAGE 233
Chapter 10 How to Use SSL with the CORBA Service Client-server application linkage using the CORBA Service enables encrypted communication via SSL. This chapter explains the SSL communication via the CORBA application. In the CORBA service, the two environments listed below can be used to manage certificates and private keys required for encryption and signature processing.
PAGE 234
Chapter 10: How to Use SSL with the CORBA Service Use the following procedure to add executing user access authority to the certificate/key management environment: Use Windows Explorer to select the certificate and key management environment folders. In the [Properties] menu, [Security] tab window, add access authority by adding users and groups. Set [Full Control] for the users and groups that are added.
PAGE 235
SSL Linkage of the CORBA Service SSL Linkage of the CORBA Service The SSL linkage function of the CORBA Service performs encrypted communication that is used for transferring data between CORBA applications by using SSL. Mechanism of the SSL Linkage Function If encrypted communication is set for the object reference of the server application in CORBA application linkage, encrypted communication using SSL is conducted with any client linked to the object.
PAGE 236
Chapter 10: How to Use SSL with the CORBA Service Constructing SSL Linkage Environment To perform encryption communication using SSL, the following processing must be done for the server and client: creating the certification management environment and registering the certificates.
PAGE 237
SSL Linkage of the CORBA Service Operating the SSL Linkage The application linkage that uses SSL can be performed by accessing the server application ( for the object reference). SSL information is to be added to this using the OD_or_adm and OD_impl_inst commands. SSL Linkage in the IPv6 Environment The SSL linkage function cannot be used in the IPv6 environment.
PAGE 238
Chapter 10: How to Use SSL with the CORBA Service CORBA Server Environment Setup Configure an Interstage certificate environment, or configure a certificate/key management environment with the SMEE commands, according to the operation type. To use the Interstage certificate environment, set an SSL environment in the CORBA service using the Interstage management console.
PAGE 239
SSL Environment Setup in Client SSL Environment Setup in Client To use an Interstage certificate environment, set an SSL environment using the Interstage management console. The following is the procedure for setting an environment that enables CORBA clients to use SSL in a certificate/key management environment configured with the SMEE commands. 1. Create a certificate/key management environment. For details, refer to Creating a Certificate/Key Management Environment in Chapter 7. 2.
PAGE 240
Chapter 10: How to Use SSL with the CORBA Service Example Define a private key/certificate in the CORBA Service. odsetSSL -sd C:\slot -ed C:\sslcert -tl Token01 -nn Jiro UserPIN: Re-type UserPIN: Note Do not specify a nickname (“-nn Jiro” in the above example) in operation mode without using client certificates under SSL version 3.0. Security Attributes For more information about the odsetSSL command, refer to odsetSSL in the Reference Manual (Command Edition).
PAGE 241
Environment Setup for Event Service Environment Setup for Event Service The Event Service can be used with the following products: • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus. For SSL communication in the Event Service, the SSL environment of the CORBA Service must be set up. For information about the SSL environment setup of the CORBA Service, refer CORBA Server Environment Setup.
PAGE 242
Chapter 10: How to Use SSL with the CORBA Service For Dynamic Generation and Operation (for Environment Setting using the Event Service Operation Command) To set up an event service and an event factory using the essetup command, set up the SSL communication by specifying the -ssl option.
PAGE 243
Chapter 11 How to Use SSL with J2EE This chapter describes how to use SSL with J2EE.
PAGE 244
Chapter 11: How to Use SSL with J2EE Environment Setup for Servlet Service This section explains how to operate the Interstage Management Console. When Performing Encrypted Communication Using SSL between the Web Browser and Web Server Set SSL with the Web server. On the Interstage Management Console, select [Services] > [Web Server] > [Web Server Settings] tab > [Detailed Settings[Show]], then set the following at [SSL Settings].
PAGE 245
Environment Setting for EJB Service Environment Setting for EJB Service When using SSL linkage, use the Interstage Management Console to set encrypted communication using SSL. This setup is the same as for an application using SSL in CORBA Service. For details, refer to Chapter10, How to Use SSL with the CORBA Service. Web-J Edition supports only the client function of the Interstage EJB service.
PAGE 246
Chapter 11: How to Use SSL with J2EE Environment Setting for Interstage JMS Interstage JMS can be used with the following products. • Interstage Application Server Enterprise Edition • Interstage Application Server Standard Edition • Interstage Application Server Plus If SSL is to be used for Interstage JMS, settings for signature and encryption processing must be implemented such as for SSL. Refer to Chapter 8, Setting and Use of the Certificate/Key Management Environment Using the SMEE Command.
PAGE 247
Chapter 12 Using SSL for Smart Repository Smart Repository supports encrypted communication using SSL. This chapter explains SSL communication for the Smart Repository.
PAGE 248
Chapter 12: Using SSL for Smart Repository SSL linkage Environment Setup To implement encrypted communication using SSL between a Smart Repository client and server, the SSL environment must be registered in the client and SSL information must be set for the SSL communication server. To implement SSL communication between the master and slave in replication operation mode, the master and slave must both be set up in a certificate management environment and registered with a certificate.
PAGE 249
Environment Setup for Using SSL between Smart Repository Client and Server Environment Setup for Using SSL between Smart Repository Client and Server The Smart Repository client and server must both be set up in a certificate management environment for using SSL. For the environment setup procedure, refer to "Environment Setup" - "Setting up an Environment for SSL Communication" in the Smart Repository Operator's Guide.
PAGE 250
Chapter 12: Using SSL for Smart Repository Environment Setup for Using SSL between Master and Slave in Smart Repository Replication Operation Mode An Interstage certificate environment is required to use SSL between the master and slave in Smart Repository replication operation mode. After setting up an Interstage certificate environment, use the Interstage Management Console to set the SSL environment in the Smart Repository for both the master and slave servers.
PAGE 251
Part V Security Systems for Web Services (SOAP)
PAGE 252
PAGE 253
Chapter 13 Security Functions for Web Services (SOAP) Security at the SOAP message level can be ensured by using the digital signature (SOAP digital signature) function and encryption (XML encryption) function. The reliable messaging function is used to guarantee that messages have been delivered reliably to the transmission destination and to prove that SOAP messages have been exchanged.
PAGE 254
Chapter 13: Security Functions for Web Services (SOAP) Digital Signature Function The digital signature (SOAP digital signature) function is used to attach a digital signature to SOAP messages and to verify the digital signature attached to SOAP messages. By using this function, the creation or approval of the SOAP messages signed by the signer can be guaranteed. Also, by verifying the digital signature attached to the SOAP messages, it can be guaranteed that the data in the messages has not been modified.
PAGE 255
Encryption Function of SOAP Messages Encryption Function of SOAP Messages The encryption (XML encryption) function is used to encrypt communication data (XML tags in the SOAP messages and attachments) and to decrypt the encrypted communication data. By using this function, communication data can be hidden from third persons.
PAGE 256
Chapter 13: Security Functions for Web Services (SOAP) Reliable Messaging Function and Non-repudiation Function The reliable messaging function guarantees that SOAP messages to be sent will be delivered reliably to the transmission destination without duplication. By using the non-repudiation (using the signature option) function, as well, it becomes possible to exchange SOAP messages while guaranteeing reliability of both sides.
PAGE 257
Attachment Function of the User ID/Password to SOAP Messages Attachment Function of the User ID/Password to SOAP Messages The attachment function of the user ID/password to the SOAP messages attaches the user ID and password to the SOAP messages. By using this function, the creation or approval of SOAP messages by the owner of the user ID/password can be guaranteed (non-repudiation) without using a third-party certification authority.
PAGE 258
Chapter 13: Security Functions for Web Services (SOAP) Communication via the Proxy Client applications could exchange SOAP messages with a Web service on the Internet from within a firewall (proxy). For more details, refer to the SOAP Service User's Guide.
PAGE 259
Chapter 14 How to Prepare PKI Environment for Web Services (SOAP) To allow the Web service to use SSL encrypted communication, SOAP digital signature, and XML encryption (security function), a key pair is required and a certificate management environment must be configured. This chapter explains the procedure.
PAGE 260
Chapter 14: How to Prepare PKI Environment for Web Services (SOAP) Configuring a Certificate Environment on the Server System This section explains the following aspects of configuring a certificate environment on the server system: • Using an Interstage Certificate Environment • Relations between Certificate Environment and Application Operation Using an Interstage Certificate Environment This section explains how to configure and use an Interstage certificate environment: 1.
PAGE 261
Configuring a Certificate Environment on the Server System Alternatively, from the Interstage Management Console, select [System] > [WorkUnits] > [MyIJServer] (IJServer WorkUnit name) > the [Settings] tab, and then [WorkUnit Settings], and specify the SSL definition name for "JavaVM Options". Note If a CORBA/SOAP client gateway is to be used, specify the SSL definition name in the property file. 5. Specify the SOAP digital signature/XML encryption library.
PAGE 262
Chapter 14: How to Prepare PKI Environment for Web Services (SOAP) Relations between Certificate Environment and Application Operation Applications can operate or cannot operate depending on the combination of the following factors: • Whether the environment is an old certificate environment (an environment configured with the soapSetSecurity or soapMngSecurity command) or an Interstage certificate environment. • Whether the SSL definition name (property value) is specified or not.
PAGE 263
Configuring an Old Certificate Environment or Client Certificate Environment Configuring an Old Certificate Environment or Client Certificate Environment Ensure that the paths (directory names and file names) required for using the Web service security functions are set in the environment variable. Table 14-3 Environment Variable Settings Environment variable Description CLASSPATH Add the following JAR files: %IS_HOME%\F3FMsoap\lib\issoapsec.jar(*1) %IS_HOME%\J2EE\lib\jcert.
PAGE 264
Chapter 14: How to Prepare PKI Environment for Web Services (SOAP) Table 14-4 Environment Variable Settings Environment variable Description CLASSPATH Add the following JAR files: /opt/FJSVsoap/lib/issoapsec.jar(*1) /opt/FJSVj2ee/lib/jcert.jar (*2) /opt/FJSVj2ee/lib/jnet.jar (*2) /opt/FJSVj2ee/lib/jsse.jar (*2) /opt/FJSVj2ee/lib/jce1_2_2.jar /opt/FJSVj2ee/lib/local_policy.jar /opt/FJSVj2ee/lib/sunjce_provider.jar /opt/FJSVj2ee/lib/US_export_policy.jar /opt/FJSVj2ee/lib/isj2ee.
PAGE 265
Constructing a Key Pair/Certificate Management Environment Constructing a Key Pair/Certificate Management Environment If the security function is to be used in the Web service, how to construct a key pair/certificate management environment depends on the functions to be used and the environment (whether a server system or a client system). This section explains how to construct and manage a key pair/certificate management environment using the soapSetSecurity and soapMngSecurity commands.
PAGE 266
Chapter 14: How to Prepare PKI Environment for Web Services (SOAP) In the following cases the creation of a key pair and the acquisition of a site certificate from the certification authority can be omitted: • If the SOAP digital signature is verified. • Data is encrypted using XML encryption. • The client is not authenticated in SSL-encrypted communication. Note Refer to Environment Construction when a Private-key is not Needed.
PAGE 267
Constructing a Key Pair/Certificate Management Environment Example If SystemWalker/PkiMGR is the certification authority. Example 1. Create a Web service security environment information file and the certificate management file in the certificate management file creation directory by specifying the alias (taro) and the password for the certificate management file access (Interstage). The installation directory of Interstage is assumed to be "C:\Interstage".
PAGE 268
Chapter 14: How to Prepare PKI Environment for Web Services (SOAP) • Root certificates issued by Japan Certification Services Inc. − − − SecureSign RootCA1 SecureSign RootCA2 SecureSign RootCA3 Acquiring Certificates From The Certification Authority Creating a Certificate Signing Request Create a certificate signing request (CSR) to make a request to the certification authority to issue a site certificate.
PAGE 269
Constructing a Key Pair/Certificate Management Environment Example Register the site certificate and certification authority certificate with the certificate management file by specifying them.
PAGE 270
Chapter 14: How to Prepare PKI Environment for Web Services (SOAP) Example 2. Create a Web service security environment information file and the certificate management file in the certificate management file creation directory by specifying the password for the certificate management file access (Interstage). soapSetSecurity -noauth -f /etc/opt/FJSVsoap/etc -p Interstage If VeriSign Japan K.K or Japan Certification Services Inc. is the certification authority.
PAGE 271
Constructing a Key Pair/Certificate Management Environment The following certificates are stored in the certificate management file as the root certificates: − − − − − − − − − − − VeriSign/RSA Secure Server CA VeriSign Class 1 Public Primary Certification Authority VeriSign Class 2 Public Primary Certification Authority VeriSign Class 3 Public Primary Certification Authority VeriSign Class 1 Public Primary Certification Authority - G2 VeriSign Class 2 Public Primary Certification Authority - G2 VeriSign C
PAGE 272
Chapter 14: How to Prepare PKI Environment for Web Services (SOAP) Registering Site Certificates of the Communication Parties When encrypting messages using the XML encryption or verifying SOAP digital signatures without site certificate of the signer, it is necessary to obtain the site certificate of the communication party and register it with the certificate management file.
PAGE 273
Using a CORBA/SOAP Gateway Using a CORBA/SOAP Gateway If SSL encrypted communication is to be performed in a system environment using a CORBA/SOAP gateway, a Web service security environment and CORBA service SSL environment must be configured. Using a CORBA/SOAP Server Gateway The CORBA/SOAP server gateway operates as a Web service RPC server application, and also as a CORBA client application in a server system.
PAGE 274
Chapter 14: How to Prepare PKI Environment for Web Services (SOAP) 14-16
PAGE 275
Chapter 15 User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) This chapter explains how to use user authentication, SOAP digital signature, and XML Encryption in the Web services.
PAGE 276
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) Setting User Authentication for SOAP Messages This section explains the following topics about User Authentication: • Appending a User Name and a Password to a SOAP Message • User Authentication for SOAP Messages Appending a User Name and a Password to a SOAP Message This section explains how to append a user name and a password, which are used for user authentication, to a SOAP message.
PAGE 277
Setting User Authentication for SOAP Messages Figure 15-1 Web Service Configuration Edit Tool • Web service identifier Enter the identifier of the Web service. For information on how to specify the Web service identifier, refer to Chapter 9 - Managing Web Service Information in the SOAP Service User's Guide. • Processed header element: Do not delete Specify whether to delete the SOAP header element of an incoming response message after its processing has completed. The default is “Do not delete.
PAGE 278
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) • Request transmission setting: destination role (actor) setting Specify the URI of the intermediary for the SOAP message to perform some action on that message. If a URI is not specified, the action will be directed at the ultimate destination of the SOAP message.
PAGE 279
Setting User Authentication for SOAP Messages Business Server Environment Setup The server system that implements a Web service to execute user authentication for SOAP messages must have the following single sign-on functions of the business server configured: • Acquiring the Service ID file • JAAS (Java (TM) Authentication and Authorization Service) setting For details about how to get a service ID file, refer to “Getting a service ID file” in “Setting Up an Application Runtime Environment” of "Develo
PAGE 280
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) Notes • Without the single sign-on function enabled, user authentication for SOAP messages will not function. • If the system property “java.security.auth.login.config” has been specified at JavaVM launch time, the login configuration file specified in the system property takes precedence.
PAGE 281
Setting User Authentication for SOAP Messages Figure 15-2 Entering User Authentication information 15-7
PAGE 282
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) • Web service identifier Enter the identifier of the Web service. For information on how to specify the Web service identifier, refer to Chapter 9 - Managing Web Service Information in the SOAP Service User's Guide. • Processed header element: Do not delete Specify whether to delete the SOAP header element of an incoming response message after its processing has completed. The default is “Do not delete.
PAGE 283
Settings for the SOAP Digital Signature Settings for the SOAP Digital Signature This section explains the following topics: • Generating a SOAP Digital Signature • Verifying the SOAP Digital Signature for SOAP Messages Generating a SOAP Digital Signature The following explains the procedure for generating a SOAP digital signature.
PAGE 284
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) _ap.setContentType("image/jpeg"); _ap.setContentId("sample.jpg"); ..... Preparing a Private-key To generate a SOAP digital signature, a private key and a site certificate corresponding to the private key are needed. For information about how to configure the private key and site certificate, refer to Chapter 14, How to Prepare PKI Environment for Web Services (SOAP).
PAGE 285
Settings for the SOAP Digital Signature • Web service identifier Enter the identifier of the Web service. For information on how to specify the Web service identifier, refer to Chapter 9 Managing Web Service Information in the SOAP Service User's Guide. • [Server Function]: Response Sending setup: SOAP signature generation • [Client Function]: Request Sending setup: SOAP signature generation Set whether to generate the SOAP digital signature when sending a request of a SOAP message or a response.
PAGE 286
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) Notes • If the SOAP digital signature generation function is enabled from the Web Service Information Edit Tool, the SOAP digital signature is automatically attached to the SOAP header based on the settings. • If details are not set, the signature is generated to the results of XML canonicalization after deleting comments from the contents in the SOAP body elements of the SOAP message.
PAGE 287
Settings for the SOAP Digital Signature Specifying the Signature Target Using XPath Filtering If XPath is specified, nodes for which the result of evaluation of the XPath expression for all nodes inside the SOAP envelope turns out to be true are selected as the signature targets.
PAGE 288
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) Figure 15-4 Web Service Information Edit Tool – RPC Service – Security Information Screen • Web service identifier Enter the identifier of the Web service. For information on how to specify the Web service identifier, refer to the SOAP Service User's Guide. • Processed HeaderElement: Do not delete Set whether to delete processed SOAP header elements after receiving a request/response message.
PAGE 289
Settings for the SOAP Digital Signature • [Client Function]: Response Receiving setup: SOAP signature verification Set whether to verify the SOAP digital signature when receiving a request of a SOAP message or a response. "No" is set by default. • [Server Function]: Request Receiving setup: Details button • [Client Function]: Response Receiving setup: Details button This button is used to switch between "Details" and "Standard" view of the signature verification setting.
PAGE 290
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) Settings for the XML Encryption This section explains the settings for: • Encrypting SOAP Messages Using the XML Encryption • Decrypting SOAP Messages Using the XML Encryption Encrypting SOAP Messages Using the XML Encryption The following explains the procedure for encrypting SOAP messages using the XML encryption.
PAGE 291
Settings for the XML Encryption Figure 15-5 Settings for Encryption using the XML Encryption • Web service identifier Enter the identifier of the Web service. For information on how to specify the Web service identifier, refer to the SOAP Service User's Guide. • Processed HeaderElement: Do not delete Set whether to delete processed SOAP header elements after receiving a request/response message. "Do not delete" is set by default.
PAGE 292
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) • [Client Function]: Request Sending setup: Details button This button is used to switch between "Details" and "Standard" view of the encryption setting. The above window shows when the Details button has been clicked. − The Candidate for encryption (optional) Specify the target for encryption.
PAGE 293
Settings for the XML Encryption Specifying the Encryption Target The following two types of encryption target can be specified for encryption using the XML encryption. • • Any nodes inside the SOAP envelope. (However, the SOAP envelope, SOAP body, and SOAP header are excluded.
PAGE 294
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) • descendant::*[local-name()='ResponseBody' and namespace-uri()='urn:SampleMsg'][1] Specify the first m:ResponseBody element, which is a descendant of the SOAP envelope. If "XPath" is specified as the type of encryption, the m:ResponseBody element will be encrypted.
PAGE 295
Settings for the XML Encryption Settings for Decryption Using the XML Encryption The Web Service Information Edit Tool is used to make the settings for decryption using the XML encryption. The following figure shows the window that displays detailed information in a server system environment. The following explanation uses the RPC application window as an example. Figure 15-6 Settings for Decryption using the XML encryption • Web service identifier Enter the identifier of the Web service.
PAGE 296
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) • Web service role (actor) name Specify the Web service role (actor) name(s) in URI format. When describing two or more role (actor) names, separate them using a comma (","). The role (actor) name is a role name of the Web service in the transfer route when SOAP performs the specified transfer. Only the SOAP header elements with the destination role (actor) name matching this value are processed.
PAGE 297
Fault Codes Fault Codes In addition to the faults defined in the “Implementing Messaging Applications” and “Implementing RPC Applications” sections of the SOAP Service User’s Guide, the faults listed below may be encountered while using the user authentication, SOAP e-signature, and XML encryption functions for SOAP messages: The following fault codes belong to the namespace URI "http://schemas.xmlsoap.org/ws/2002/07/secext".
PAGE 298
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) The following fault code belongs to the namespace URI "http://schemas.xmlsoap.org/ws/2002/07/utility". Table 15-2 Fault Codes 15-24 Fault code Explanation MessageExpired The time stamp attached to the transmitted SOAP message has already expired.
PAGE 299
Supported Algorithms Supported Algorithms The high-reliability Web service supports the following algorithms. The namespace prefix "wsse" belongs to the namespace URI "http://schemas.xmlsoap.org/ws/2002/07/security." Appending a User Name and a Password to a SOAP Message • Password type − wsse:PasswordText User Authentication for a SOAP Message • Password type − wsse:PasswordText Generating the SOAP Digital Signature • Digest algorithm − • • Signature algorithm − http://www.w3.
PAGE 300
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) Verifying the SOAP Digital Signature • Digest algorithm − • • http://www.w3.org/2000/09/xmldsig#sha1 Signature algorithm − http://www.w3.org/2000/09/xmldsig#dsa-sha1 − http://www.w3.org/2000/09/xmldsig#rsa-sha1 Canonicalization algorithm − http://www.w3.org/TR/2001/REC-xml-c14n-20010315 − http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments − http://www.w3.
PAGE 301
Supported Algorithms Items Related to WS-Security • • • Security token − wsse:BinarySecurityToken − wsse:UsernameToken Encoding method − wsse:Base64Binary − wsse:HexBinary Type supported by wsse:BinarySecurityToken, and wsse:KeyIdentifier − wsse:X509v3 15-27
PAGE 302
Chapter 15: User Authentication, SOAP Digital Signature and XML Encryption for Web Services (SOAP) 15-28
PAGE 303
Chapter 16 How to Use Reliable Messaging Function for Web Services (SOAP) This chapter explains how to use the Reliable Messaging function with the Web service. To use the non-repudiation (signature option) function, the same key pair/certificate environment as that for the SOAP digital signature needs to be constructed. For more information, see “Configuring the Environment to use the Security Function with Web Services (SOAP)” and “Using User Authentication, SOAP E-Signatures, and XML Encryption.
PAGE 304
Chapter 16: How to Use Reliable Messaging Function for Web Services (SOAP) PUSH Model (Receiving Messages by the Server System) In the PUSH model, the sender application of the client system sends a SOAP message and the receiver application of the server system receives the SOAP message to process it. Table 16-1 lists the items that must be agreed upon between the applications.
PAGE 305
PUSH Model (Receiving Messages by the Server System) Next, prepare a public key for the sender client. Since the sender client also needs the public key of the receiver server to use the non-repudiation function, it is necessary to exchange the public key with each other.
PAGE 306
Chapter 16: How to Use Reliable Messaging Function for Web Services (SOAP) Figure 16-1 Reliable Messaging PUSH Screen - Deploying the Receiver Application dialog • Web service identifier Identifier for the receiver application. • Receiver application class name Specify the Java class name of the receiver application using the full package name. The Java class must be placed under a path set to the environmental variable CLASSPATH.
PAGE 307
PUSH Model (Receiving Messages by the Server System) • Message type ID Specify the ID that represents the type of message agreed upon with the sender client. The format used to specify the message type ID must follow "NMTOKEN" of XML and the characters of the ID must be usable for the file name and directory name. A unique name within one server system must be given. • Sender ID (Sender client ID) Specify the ID for the sender client of the PUSH model agreed upon with the sender client.
PAGE 308
Chapter 16: How to Use Reliable Messaging Function for Web Services (SOAP) Preparing a Key Pair and Public Key Used by the Sender Client This section shows the procedure for using the non-repudiation (signature option) function. The examples shown in this section specify commands used in a client package certificate environment. For more information, refer to "Configuring an Old Certificate Environment or Client System Certificate Environment.
PAGE 309
PUSH Model (Receiving Messages by the Server System) Figure 16-2 Reliable Messaging PUSH Screen - Deploying the Sender Application dialog • Web service identifier Specify the ID that represents the sender client agreed upon with the receiver server. • Sender client ID Specify the ID that represents the sender client agreed upon with the receiver server.
PAGE 310
Chapter 16: How to Use Reliable Messaging Function for Web Services (SOAP) • Receiver ID (Receiver server ID) Specify the ID of the receiver server of the PUSH model agreed upon with the receiver server. The format used to specify the Receiver server ID must follow "NMTOKEN" of XML and the characters of the ID must be usable for the file name and directory name. A unique ID must be given to each message type ID. • Receiver server URL (receiver server URL) Specify the URL set by the receiver server.
PAGE 311
PULL Model (Receiving Messages by the Client System) PULL Model (Receiving Messages by the Client System) In the PULL model, the sender application of the server system (sender server) sends a SOAP message and the receiver application of the client system (receiver client) receives the SOAP message to process it. Table 16-2 lists the items that must be agreed upon between the applications.
PAGE 312
Chapter 16: How to Use Reliable Messaging Function for Web Services (SOAP) The following shows an example of command execution to output the public key of the sender server to a file. scsenter -n clientkey -f clientkeyfile -p password -e Deploying the Sender Application The Web Service Information Edit Tool in the server system environment is used to deploy the sender application. For information on how to start the Web service information edit tool, refer to the SOAP Service User 's Guide.
PAGE 313
PULL Model (Receiving Messages by the Client System) • Web service identifier Identifies the receiver application. For details on how to specify the Web service identifier, refer to Chapter 9 Managing Web Service Information in the SOAP Service User's Guide. • Sender server ID Specify the ID that represents the sender server agreed upon with the receiver client.
PAGE 314
Chapter 16: How to Use Reliable Messaging Function for Web Services (SOAP) Notes The Sender server ID, Receiver client ID, and message type ID are used as the directory name and file name for storing reliable messages. Therefore, it is necessary to specify characters that can be used for the directory name and file name in the operating system used. If a character that cannot be used for the directory name or file name is specified, an error occurs when executing the reliable messaging function.
PAGE 315
PULL Model (Receiving Messages by the Client System) Figure 16-4 Reliable Messaging PULL Screen - Deploying the Receiver Application dialog • Web service identifier Name to identify the deployed Web service information. This name must be unique in the system. • Receiver application class name Specify the Java class name of the receiver application using the full package name. • The Java class must be placed under a path set to the environmental variable CLASSPATH.
PAGE 316
Chapter 16: How to Use Reliable Messaging Function for Web Services (SOAP) • Message type ID Specify the ID that represents the type of message agreed upon with the sender server. The format used to specify the message type ID must follow "NMTOKEN" of XML and the characters of the ID must be usable for the file name and directory name. A unique name within one client system must be given.
PAGE 317
Part VI Security Systems for the ebXML Message Service The ebXML Message Service can be used with the following Windows(R) system or Solaris OE systemproducts: • Interstage Application Server Enterprise Edition
PAGE 318
PAGE 319
Chapter 17 How to use SSL with the ebXML Message Service This chapter explains how to use SSL with the ebXML Message Service. With the ebXML Message Service, you can use the following two environments that manage certificates and private-keys required for encryption and signature processing: • Interstage certificate environment • Former certificate/key management environment Configure whichever of the above two environments is appropriate.
PAGE 320
Chapter 17: How to use SSL with the ebXML Message Service 17-2
PAGE 321
Chapter 18 How to use XML Digital Signature with ebXML Message Service This chapter explains how to use the XML digital signature with the ebXML Message Service. With the ebXML Message Service, you can use the following two environments that manage certificates and private-keys required for encryption and signature processing: • Interstage Certificate Environment • Former Certificate/Key Management Environment Configure whichever of the above two environments is appropriate.
PAGE 322
Chapter 18: How to use XML Digital Signature with ebXML Message Service 18-2
PAGE 323
Index access control, B-4 Acquiring and Registering Certificates (for both the Server and Client), 10-4 Append a User Name and a Password, 15-2 Appending a User Name and a Password to a SOAP Message, 15-2 Authentication User, 3-2 Authentication object log tracing, B-15 authentication objects, B-2 backup security, 2-2 CA (Certification Authority), 7-4 certificate acquiring, 8-9 registering, 8-10 certificate issuance requesting, 7-10 certificate management, 7-19 Certificate Management, 7-19 certificate signin
PAGE 324
Security System Guide - Index Configuring the Interstage Certificate Environment with CSR, 7-8 CORBA server environment setup, 10-6 EJB Service periodic backup, 2-14 resources protected, 2-12 security measures, 2-12 security risks, 2-13 SSL encryption, 2-14 threat countermeasures, 2-13 CORBA Server Environment Setup, 10-6 ejbchangemode command, A-19 CORBA Service communication data, 2-19 Java applet creation and operation, 2-19 port number, 2-19 security measures, 2-18 SSL linkage, 10-3 unauthorized r
PAGE 325
Security System Guide - Index parameters, 4-8 setup, 4-8 writing HTML, 4-7 HTTP Tunneling Setup, 4-4 HTTP-IIOP gateway, 4-4 IJServer execution, 2-23 security measures, 2-23 unauthorized resource file access, 2-23 Implementing an Application that Attaches a SOAP Digital Signature, 15-9 Implementing an Application that Performs Decryption Using the XML Encryption, 15-20 Interstage HTTP Server communication data, 2-4 DoS attacks, 2-4 HTTP trace method exploitation, 2-6 password information linkage, 2-5 secur
PAGE 326
Security System Guide - Index threat countermeasures, 1-9 J2EE deployment tool security measures, 2-15 unauthorized resource file access, 2-15 J2EE resource access definition password information leakage, 2-16 security measures, 2-16 Potential Security Threats, 1-25 Preparing a Key Pair and Public Key Used by the Receiver Client, 16-12 Preparing a Key Pair and Public Key Used by the Receiver Server, 16-2 Preparing a Key Pair and Public Key Used by the Sender Client, 16-6 Java applets HTTP tunneling, 4-10
PAGE 327
Security System Guide - Index CORBA Service, A-4 EJB Service, A-16 EJB Service operation, A-18 environment, A-17 environment construction, A-16, A-17, A-25 environment setup for Interstage resources protection, A-4 Interstage JMS, A-25 protecting Interstage resources, A-2 Resources Requiring Security Protection, 1-24 Resources to be Protected, 1-2, 1-5, 1-12, 1-19, 1-38 security Component Transaction Service, B-14 Database Linkage Service, 1-12 Interstage Management Console and Interstage Operation Tool, 1
PAGE 328
Security System Guide - Index Settings for Encryption Using the XML Encryption, 15-16 Settings for the Generation of the SOAP Digital Signature, 15-10 Settings for the SOAP Digital Signature, 15-9 Settings for the SOAP Digital Signature Verification, 15-13 Settings for the XML Encryption, 15-16 Smart Repository, 1-24 accessing Smart Repository server, 2-24 blocking external access, 2-24 operation, 2-24 periodic data backup, 1-27 resources protected, 1-24 restriction of services, 2-24 security, 1-24 securit
Who We Are
About Us
Company
Careers
Terms & Privacy
Resources
List of Manufacturers
Support
For the Press
Media assets
FAQ
Get in touch
Blog
Email
DMCA
ManualShelf © 2013-2024