Module :: DebugDyanamicPolicyProvider and SecurityPolicyWriter

Tool used to determine security policy requirements.

License

License

Categories

Categories

Net Security
GroupId

GroupId

au.net.zeus.jgdms.tools
ArtifactId

ArtifactId

security-policy-debug
Last Version

Last Version

3.1.0
Release Date

Release Date

Type

Type

jar
Description

Description

Module :: DebugDyanamicPolicyProvider and SecurityPolicyWriter
Tool used to determine security policy requirements.

Download security-policy-debug

How to add to project

<!-- https://jarcasting.com/artifacts/au.net.zeus.jgdms.tools/security-policy-debug/ -->
<dependency>
    <groupId>au.net.zeus.jgdms.tools</groupId>
    <artifactId>security-policy-debug</artifactId>
    <version>3.1.0</version>
</dependency>
// https://jarcasting.com/artifacts/au.net.zeus.jgdms.tools/security-policy-debug/
implementation 'au.net.zeus.jgdms.tools:security-policy-debug:3.1.0'
// https://jarcasting.com/artifacts/au.net.zeus.jgdms.tools/security-policy-debug/
implementation ("au.net.zeus.jgdms.tools:security-policy-debug:3.1.0")
'au.net.zeus.jgdms.tools:security-policy-debug:jar:3.1.0'
<dependency org="au.net.zeus.jgdms.tools" name="security-policy-debug" rev="3.1.0">
  <artifact name="security-policy-debug" type="jar" />
</dependency>
@Grapes(
@Grab(group='au.net.zeus.jgdms.tools', module='security-policy-debug', version='3.1.0')
)
libraryDependencies += "au.net.zeus.jgdms.tools" % "security-policy-debug" % "3.1.0"
[au.net.zeus.jgdms.tools/security-policy-debug "3.1.0"]

Dependencies

compile (2)

Group / Artifact Type Version
au.net.zeus.jgdms : jgdms-platform jar 3.1.0
au.net.zeus.jgdms.tools : classdep jar 3.1.0

Project Modules

There are no modules declared in this project.

JGDMS - Java/Jini Global Distributed Micro Services.

Build instructions

From command or shell prompt:

$ mvn -f JGDMS/pom.xml package

For unit tests:

$mvn -f JGDMS/pom.xml test

After successfully testing the above, integration and regression tests can be run by:

$ cd qa

$ ant run-all

$ ant jtreg

The regression tests ($ ant run-all) take approximately 24 hours to complete.

The jtreg tests take about half an hour to complete, you'll need to manually install jtreg, refer to http://openjdk.java.net/jtreg/

This software is forked from Apache River trunk, it is designed with internet security in mind and provides:

  • ObjectInput and ObjectOutput implementations for hardening deserialization in the presence of untrusted input.
  • TLSv1.2 Encrypted endpoints for RPC communication over untrusted networks, using RSA and Ephemeral Diffie Hellman key exchange and AES with GCM, non-epheremal DH key exchanges are prohibited.
  • IPv6 Multicast Discovery using X500 distinguished names with various integrity checking hash functions provided.
  • Unicast Discovery over a TLSv1.2 connection with an SHA-224, SHA-256, SHA-384 or SHA-512 hash function to validate data sent and received at both ends prior to sending a response.
  • Dynamically granting DownloadPermission and DeSerialization permission to trusted authenticated lookup services during unicast discovery.
  • Lookup Service registrar to search services available from various arbitrary third parties.
  • Lookup method that allows authentication of third parties, using a bootstrap proxy, prior granting DownloadPermission and DeSerialization permission for service utilisation.
  • Invocation and Method constraints.

Discussion forum:

https://groups.google.com/forum/#!forum/river-secure-ipv6-discovery

Notables:

  • Worlds fastest, highly scalable, Java security policy provider.
  • RFC3986URLClassLoader is much faster than Java's built in URLClassLoader.
  • RFC3986 compliant Uri.
  • Atomic Serialization outperforms standard Java.
  • JERI (Jini Extensible Remote Invocation) outperforms java RMI.
  • Unnecessary DNS calls have been eliminated.
  • Hi performance lookup service method delays or avoids unnecessary codebase downloads.

Versions

Version
3.1.0
3.0.1-RC-07