Is there any reason why you tried to use JSS in GlassFish EE? Any
particular features?
I do not know whether there is any enhancement in NSS.
According to my understanding, one cannot initialized a different NSS
database within the same jvm.
Shing Wai Chan
glassfish_at_javadesktop.org wrote:
> So if I initialize the JSS CryptoManager directly from inside my servlet I can then use JSS SSLSocket directly. This seems wrong to me for the following reasons:
>
> - JSS has many configuration options beyond just directory, I would rather have the container manage these.
>
> - Since glassfish is running in EE mode, clearly there is already another instance of JSS CryptoManager initialized for use by the web server. How do I know that my servlet won't trample on its internal native NSS library state when I initialize my CryptoManager?
>
> - When I initialize my CryptoManager, I get a security exception when JSS CryptoManager tries to set the some kind of JSSProvider.
> java.security.AccessControlException: access denied (java.security.SecurityPermission putProviderProperty.Mozilla-JSS)
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
> at java.security.AccessController.checkPermission(AccessController.java:427)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> at java.lang.SecurityManager.checkSecurityAccess(SecurityManager.java:1698)
> at java.security.Provider.check(Provider.java:349)
> at java.security.Provider.put(Provider.java:303)
> at org.mozilla.jss.JSSProvider.<init>(JSSProvider.java:66)
> at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:873)
>
> -
> [Message sent by forum member 'suggarglider' (suggarglider)]
>
> http://forums.java.net/jive/thread.jspa?messageID=322259
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>