I have this servlet that calls this session bean that is located on a different machine. I know that the call is an RMI call. Does anyone know if the call is encrypted. when I call the session bean method and I pass it an object, can someone, somehow, look into that data. The servlet actually passes credit card information to the session bean which processes the payment. I wanna make sure that the call between the servlet and the session bean is encrypte.
Thanks a lot for your help
posted 12 years ago
If your server is configured to use SSL and you also developed RMI clients that use SSL (they might be slightly different from non-SSL clients) then your data is safe. This has nothing much to do with your server (except the configuration part) as it has to do with the SSL protocol itself. As you might remember SSL uses pairs of public and private keys for encrypting/decrypting the information and is guaranteed that nobody else could decrypt the data, without having the private key. Regards.