From: john.r.morris@Sun.COM
Date: Wed, 22 Oct 1997 10:38:38 -0400
Message-Id: <199710221438.KAA15642@everest.East.Sun.COM>
To: java-security@web2.javasoft.com
Subject: Securing the rmiRegistry
HI,
I'm a developer for HSU, and we are currently porting tools like autoben,=
=20
paycheck,, etc. to Java. We are using the recommended 3 tier approach with
RMI in the middle & JDBC on the back end.
I'm looking for solutions on how to secure my middle tier server (RMI) from
people who write their own applets after using reflection to discover the
middleware's API.
I have heard talk about using cookies, but how secure is that when the sock=
et
isn't secure=3F
Any suggestions or recommendations you might have would be greatly=20
appreciated.
Thanks,
John Morris