Perform Secure Lookups
TIBCO Enterprise Message Service client programs can perform secure JNDI lookups using the Secure Sockets Layer (SSL) protocol. To accomplish this, the client program must set SSL properties in the environment when the InitialContext is created. The SSL properties are similar to the SSL properties for the TIBCO Enterprise Message Service server.
See SSL Protocol for more information about using SSL in the TIBCO Enterprise Message Service server.
The following examples illustrate how to create an InitialContext that can be used to perform JNDI lookups using the SSL protocol.
- Java
Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.tibco.tibjms.naming.TibjmsInitialContextFactory"); env.put(Context.PROVIDER_URL, tibjmsnaming://jmshost:7223); env.put(Context.URL_PKG_PREFIXES, "com.tibco.tibjms.naming") env.put(TibjmsContext.SECURITY_PROTOCOL, "ssl"); env.put(TibjmsContext.SSL_ENABLE_VERIFY_HOST, new Boolean("false")); Context context = new InitialContext(env);
- C
Create a tibemsSSLParams object and use the tibemsSSLParams_SetIdentityFile function to establish the client identity by means of a pkcs12 file. Use the tibemsLookupContext_CreateSSL function to create a tibemsLookupContext object that uses an SSL connection for the initial context.
tibemsLookupContext* context = NULL; tibemsConnection_Factory factory = NULL; tibemsSSLParams sslParams = NULL; tibems_status status = TIBEMS_OK; sslParams = tibemsSSLParams_Create(); status = tibemsSSLParams_SetIdentityFile( ssl_params, "client_identity.p12", TIBEMS_SSL_ENCODING_AUTO); status = tibemsLookupContext_CreateSSL( &context, "tcp://localhost:7222", "userName", "password", sslParams, "pk_password");
- C#
Create a ILookupContext object for the initial context over an SSL connection. The SSL Store Info consists of a pkcs12 file that identifies the client and the client’s password, which are stored in an EMSSSLFileStoreInfo object.
string ssl_identity = client_identity.p12; string ssl_target_hostname = "server"; string ssl_password = "password"; EMSSSLFileStoreInfo StoreInfo = new EMSSSLFileStoreInfo(); info.SetSSLClientIdentity(ssl_identity); info.SetSSLPassword(ssl_password.ToCharArray()); Hashtable env = new Hashtable(); env.Add(LookupContext.PROVIDER_URL, "adc1.na.tibco.com:10636"); env.Add(LookupContext.SECURITY_PRINCIPAL", "myUserName"); env.Add(LookupContext.SECURITY_CREDENTIALS", "myPassword"); env.Add(LookupContext.SECURITY_PROTOCOL, "ssl"); env.Add(LookupContext.SSL_TARGET_HOST_NAME, ssl_target_hostname); env.Add(LookupContext.SSL_STORE_TYPE, EMSSSLStoreType.EMSSSL_STORE_TYPE_FILE); env.Add(LookupContext.SSL_STORE_INFO, StoreInfo);