• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Interfacing with TransMaster (security)

 
Vivek Viswanathan
Ranch Hand
Posts: 350
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My desing for interfacing with TransMaster
------------------------------------------
The functionality required by TransMaster is provided using a Session Bean called TransMasterBean. This session bean delegates all the requests to an object of type TransMasterAdapter, TransMasterAdapter is an interface that defines all the operations required in interfacing with TransMaster system. TransMasterAdapter can have different implementation classes depending on the type of protocol used to interface with TransMaster system. In this case the implementation class is TransMasterXMLAdapter, this class communicates with TransMaster system using XML-RPC over an HTTPS connection.
This design allows for changes in interfacing between FBN system and TransMaster to be localised at a single place, rather than affecting the entire FBN Application. In case the interface mechanism between FBN and TransMaster system changes, all that has to be done is create a new TransMaster Adapter by implementing the TransMasterAdapter Interface.
My Problem
----------
Since the communication between TransMaster and FBN system is done over a HTTPS conneciton, I am assuming that there will be present both server and client certificates ( i.e FBN and TrasnMaster both have Certificates ).
I now have 2 choices
1. Should the adapter 'TransMasterXMLAdapter' handle only HTTP conneciton. These HTTP connections pass through an HTTPS encoder/decoder (software or hardware -- idont know ? ) that maintains an HTTPS connection with TransMaster, and handles stuff realted to client and server certificates. This HTTPS encoder/decoder that I am talking about will be a part of the FBN system, but I wont be going to the details its working etc.
2. The adapter 'TransMasterXMLAdapter' directly comunicates with TransMaster system using HTTPS. I assume the problem with this solution is that it requires JSSE for HTTPS connecitons, and legal stuff realted to the same.

Any Ideas ?
Vivek
 
Daniel CarMichael
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've adopted an option similar to your second option. My transMasterXMLImpl class basically translating a Java function call seekAuthorization() into an XML document according to the XML-RPC API specification. It will also open a secure SSL connection using javax.net.ssl.SSLSocket (from JSSE API), negotiating an SSL connection with the TransMaster Server using the reference to a keystore which holds the keys to provide mutual authentication. The server thread will wait until TransMaster replies with a response XML document. The TransMasterXMLImpl class will then translate the XML document and return a boolean value to the system.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic