-
1. Re: Security issues of JBoss cache replication
ybxiang.china Mar 15, 2010 5:45 AM (in response to ybxiang.china)The JBoss cache document says nothing about the security.
Case.2:
I want to use JBoss5.1 as the server and cache some useful info[for example, alarms] in JBoss cache.
When client is started, it need to synchronized the cache with the server to get the useful info.
SSL is used.
set JAVA_OPTS=-DserverName=10.80.2.196 -Dgvu.singletonMaster.vip=10.80.2.218 -Djavax.net.ssl.keyStore=D:/gvu/tools/jboss-5.1.0.GAjdk6/server/gvu/conf/gvuserverkeystore -Djavax.net.ssl.trustStore=D:/gvu/tools/jboss-5.1.0.GAjdk6/server/gvu/conf/gvuservertruststore -Djavax.net.ssl.trustStorePassword=xxx -Djavax.net.ssl.keyStorePassword=xxx -Djboss.gvu.ejb.interface.protocol=sslsocket -Dsslport=3843
./run.bat -c gvu -g GVUPartition -u 239.255.100.101 -b 10.80.2.196Why client can NOT see the values cached in the server, while two standalone clients can see each other's cached value?
-
2. Re: Security issues of JBoss cache replication
ybxiang.china Mar 15, 2010 5:59 AM (in response to ybxiang.china)The other question is,
If hacker create the same cache with name cluster=DefaultPartition-HAPartitionCache and set too many values in the cache,
then the jboss server will be out of memory???