To ensure a secure session between your Java application and EAServer, you must configure SSL settings before using one of the standard techniques to instantiate proxies for the EAServer components.
You can configure the settings required for SSL connections using two techniques:
By setting ORB properties The required SSL settings must be known in advance, and your application can connect only to servers that use certificates issued by a known, trusted certificate authority.
By using the SSLServiceProvider interface The SSLServiceProvider interface allows your application to determine what options are available at runtime. In addition, you can supply a callback class with methods that supply settings as needed and respond to exceptional cases. For example, the client ORB invokes callback methods if the application specified an invalid certificate password or if a connection is made to a server that uses certificate issued by an unknown certificate authority.
Applications that run without user interaction typically configure SSL settings with the ORB properties. Interactive applications typically use the SSLServiceProvider interface and install a callback. When a callback is installed, you can rely on user interaction in the callback methods to configure necessary settings. For example, if the certificate password has not been supplied, the ORB invokes the getPin callback method.
Once you have correctly configured the required SSL settings, use the standard technique to instantiate proxies, as described in Chapter 12, “Creating CORBA Java Clients,” in the EAServer Programmer’s Guide. Proxies are created in a secure session as long as the server supports the requested level of security.
