JSSE Integration

Purpose

This contribution demonstrates how to integrate JSSE (Java Secure Socket Extension) with ULC.

JSSE can be used to

  • add HTTPS support to JRE 1.3.
  • replace the browser based HTTPS support used by the Java plug-in for JRE 1.3.
Note that ULC does not support browser based HTTPS on Nescape / Mozilla. See also PR830 in the ULC problem report database. So this contribution provides a workaround for PR830.

How to use

Invoke JsseIntegrationUtilities.installJsseIfNecessary() in your launcher. This installs JSSE if there is currently no or only browser based HTTPS support.

public class JsseAppletLauncher extends DefaultAppletLauncher {
    public void init() {
        JsseIntegrationUtilities.installJsseIfNecessary();
        super.init();
    }
}

How to deploy

The code for this contribution is separated into two installables:
  • jsseintegration-sample-client.jar: contains the implementation for JsseIntegrationUtilities.installJsseIfNecessary().
  • jsseintegration-client.jar: installs JSSE and therefore needs full permissions.
Note that we signed the jsseintegration-client.jar file in order to get full permissions in Applet deployment.

Notes for Java Web Start 1.0.1 Deployment

Unfortunately the Java Web Start implemention that is compatible with JRE 1.3 installations has a bug that forces you to provide separate JNLP files if want to download JSSE only when needed. For more information see Java bug 4809201.

This leads to the following JNLP file for JRE 1.3:

<?xml version="1.0" encoding="ISO-8859-1"?>
<jnlp spec="1.0+" codebase="$$context" href="application.jnlp">
    <information>
        <title>jsseintegration</title>
        <vendor>Canoo AG</vendor>
        <description>Sample application of jsseintegration extension.</description>
        <homepage href="http://www.canoo.com/ulc"/>
        <icon href="application.gif" width="48" height="48"/>
    </information>

<resources> <j2se version="1.3"/> <jar href="lib/jsseintegration-sample-jnlp-client.jar" main="true"/> <extension name="JSSE Integration" href="$$context/jsseintegration.jnlp"/> <extension name="JSSE" href="$$context/jsse.jnlp"/> <extension name="ULC" href="$$context/ulc.jnlp"/> </resources>

<application-desc main-class="com.canoo.ulc.community.jsseintegration.client.environment.jnlp.JsseJnlpLauncher"> <argument>https://www.canoo.com/jsseintegration/application</argument> <argument>60</argument> <argument>WARNING</argument> </application-desc> </jnlp>

Note that JSSE and the JSSE Integration are deployed as separate component extensions as they need full permissions and are signed with different code certificates. All other deployables run with standard JNLP permissions.

Note also that Java Web Start 1.0.1 does not support resource download over HTTPS. So you have to deploy the client part of your ULC applicaton over HTTP. However, with this contribution you are able to connect to the server part of your ULC application over HTTPS (note the HTTPS ULC application URL in the above JNLP file).

Resources