public interface ServerSecurity
The ServerSecurity interface and partner ClientSecurity interface define a simple yet flexible model for providing security when using the CICS Transaction Gateway. Implementations of the interfaces can be as simple or as robust as deemed necessary; from simple XOR scrambling to use of Java Cryptographic toolkits.
The JSSEServerSecurity interface is also available for users wishing to expose Client Certificates passed when establishing connections over SSL.
An individual JavaGateway instance has an instance of a ClientSecurity class associated with it, until the JavaGateway is closed. Similarly, within the CICS Transaction Gateway, an instance of the partner ServerSecurity class is associated with the connected Java-client, until the connection is closed.
The basic model consists of:
- An initial handshake to exchange pertinent information. For example, this handshake could involve the exchange of public keys. However, since at the interface level the flow consists of a simple byte-array, an implementation has complete control over the contents of its handshake flows.
- The relevant ClientSecurity instance being called to encode outbound requests, and decode inbound replies.
- In the CICS Transaction Gateway, the partner ServerSecurity instance being called to decode inbound requests and to encode outbound replies.
The ClientSecurity and ServerSecurity class instances should maintain as data members sufficient information from the initial handshake to correctly encode and decode the flows.
An example implementation of the ServerSecurity interface can be found in the com.ibm.ctg.samples.security.ServerCompression class. The source for this example can be found in /samples/java/com/ibm/ctg/samples/security.
Modifier and Type | Method and Description |
---|---|
void | afterDecode(GatewayRequest gatewayRequest): This method is called after an in-bound request has been decoded. |
byte[] | decodeRequest(byte[] encryptedRequestFlow): This method is called to decode a client request, which has been encoded by its partner ClientSecurity instance's encodeRequest method. |
byte[] | encodeReply(byte[] cryptReplyFlow, GatewayRequest gatewayRequest): This method is called to encode a reply to the client program. |
byte[] | receiveHandshake(byte[] clientHandshake, java.net.InetAddress ipClient): This method is called in response to the initial client-to-Gateway handshake flow, that is the handshake returned by its partner ClientSecurity instance's generateHandshake method. |
byte[] receiveHandshake(byte[] clientHandshake, java.net.InetAddress ipClient) throws java.io.IOException
This method is called in response to the initial client-to-Gateway handshake flow, that is the handshake returned by its partner ClientSecurity instance's generateHandshake method. The method should store any information received in the handshake for use later.
This method should then generate the return Gateway-to-client handshake flow. The method should return a byte array containing the handshake that it wishes to pass to its partner ClientSecurity instance's repliedHandshake method.
This method is passed the IP address of the client machine that it is handshaking with. It can make decisions based on this address and if it does not wish to allow a connection based upon the address, it should throw an appropriate IOException.
clientHandshake - byte array containing the client-to-Gateway handshake data
ipClient - IP address of the client machine the handshake is for
java.io.IOException - if an error occurs whilst interpreting the received handshake or when generating the reply handshake data
byte[] decodeRequest(byte[] encryptedRequestFlow) throws java.io.IOException
This method is called to decode a client request, which has been encoded by its partner ClientSecurity instance's encodeRequest method. The method should decode the request flow, and return the decoded form. The decoded data need not be the same length as the original encoded form.
encryptedRequestFlow - encoded client request data.
java.io.IOException - if an error occurs whilst decoding the request
byte[] encodeReply(byte[] cryptReplyFlow, GatewayRequest gatewayRequest) throws java.io.IOException
The method is passed a byte array which contains the data-flow, which represents the reply, that is to be flowed across to the client program. Since the reply data is in an indeterminate format, the method is also passed the GatewayRequest object that the reply represents. It can use this GatewayRequest object to determine what action needs to be taken.
The method should encode the reply flow, and return the encoded form. The encoded data need not be the same length as the original unencoded form.
cryptReplyFlow - non-encoded server reply data.
gatewayRequest - GatewayRequest object that the reply data represents.
java.io.IOException - if an error occurs whilst encoding the reply
void afterDecode(GatewayRequest gatewayRequest)
This method is extended in JSSEServerSecurity to expose an SSL Client Certificate.
gatewayRequest - the request GatewayRequest object that was just decoded
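As an added illustration of the model described on this page (not IBM's code and not the ServerCompression sample), the following ServerSecurity implementation rejects clients outside an allowlisted subnet in receiveHandshake, derives an AES key from an exchange of EC public keys, and uses AES-GCM in decodeRequest and encodeReply. The com.ibm.ctg.* package names, the subnet, the nonce-plus-ciphertext flow layout and a matching partner ClientSecurity are assumptions; the key exchange is unauthenticated, so on its own it does not stop an active interceptor.

```java
// Added example, not IBM's sample code; the wire format and allowlist are illustrative.
import com.ibm.ctg.client.GatewayRequest;   // package names assumed, not stated on the page
import com.ibm.ctg.security.ServerSecurity;
import java.io.IOException;
import java.net.InetAddress;
import java.nio.ByteBuffer;
import java.security.*;
import java.security.interfaces.ECPublicKey;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.*;
import javax.crypto.spec.*;
public class EcdhGcmServerSecurity implements ServerSecurity {
    private static final String ALLOWED_PREFIX = "10.20."; // hypothetical client subnet
    private SecretKeySpec key; // derived in the handshake, kept for this connection
    public byte[] receiveHandshake(byte[] clientHandshake, InetAddress ipClient) throws IOException {
        if (!ipClient.getHostAddress().startsWith(ALLOWED_PREFIX))
            throw new IOException("Client address not permitted: " + ipClient.getHostAddress());
        try { // assumed handshake payload: the client's X.509-encoded EC public key
            PublicKey peer = KeyFactory.getInstance("EC")
                    .generatePublic(new X509EncodedKeySpec(clientHandshake));
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
            kpg.initialize(((ECPublicKey) peer).getParams()); // same curve as the client
            KeyPair mine = kpg.generateKeyPair();
            KeyAgreement ka = KeyAgreement.getInstance("ECDH");
            ka.init(mine.getPrivate());
            ka.doPhase(peer, true);
            key = new SecretKeySpec(MessageDigest.getInstance("SHA-256").digest(ka.generateSecret()), "AES");
            return mine.getPublic().getEncoded(); // goes to the client's repliedHandshake
        } catch (GeneralSecurityException e) { throw new IOException("Handshake rejected", e); }
    }

    public byte[] decodeRequest(byte[] encryptedRequestFlow) throws IOException {
        // Layout: 12-byte nonce, then ciphertext, then 16-byte GCM tag
        if (encryptedRequestFlow.length < 28) throw new IOException("Request flow too short");
        return crypt(Cipher.DECRYPT_MODE, encryptedRequestFlow, encryptedRequestFlow, 12);
    }

    public byte[] encodeReply(byte[] cryptReplyFlow, GatewayRequest gatewayRequest) throws IOException {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv); // fresh nonce for every reply
        byte[] ct = crypt(Cipher.ENCRYPT_MODE, iv, cryptReplyFlow, 0);
        return ByteBuffer.allocate(12 + ct.length).put(iv).put(ct).array();
    }
    public void afterDecode(GatewayRequest gatewayRequest) { } // no post-decode checks needed here
    private byte[] crypt(int mode, byte[] iv, byte[] in, int off) throws IOException {
        try {
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(mode, key, new GCMParameterSpec(128, iv, 0, 12)); // nonce = first 12 bytes of iv
            return c.doFinal(in, off, in.length - off); // a tampered flow fails the tag check
        } catch (GeneralSecurityException e) { throw new IOException("AES-GCM failure", e); }
    }
}
```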