• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Securing JMS communication

 
Karol Borkowski
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
This is my first post here, although I've been using this forum for quite some time - it helped me a lot during preparations for previous certificates. Great job and thank you all

Ok, to the point. Currently I am working on Gusher Oil assignment. One of the requirements is: system security - minimum 128bits-encryption and JMS messages security. I have problems finding answers to address that requirement.
For one thing - I can ensure that application is accessible only through HTTPS.
Second thing is securing JMS - I can use SSL to achieve transport-layer encryption. What about message security? I wanted to use ObjectMessages in JMS communication, but I don't think that I can provide message security in that case? Sending encrypted SOAP messages with digital signatures over JMS is another option but I think there must exist better solution (and also, encrypting and signing XML messages along with mashalling can take some time and another requirement is that 99 percent of messages must be constructed and sent in under 3 seconds).

I would appreciate your help.
Cheers!
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 35279
384
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Do you know what they mean by message security? I would think it consists of securing the channel and being able the authenticate message sources.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic