Search code examples
sslreplicationehcache

How to configure RMI over SSL in ehcache for replication

I Have ehcache replication working properly without SSL support. I am looking to support my ehcache replication via SSL i.e. i want to have RMI over SSL

How can i do that?

Here is sample manual peer discovery i am using. 

<cacheManagerPeerProviderFactory
class="net.sf.ehcache.distribution.RMICacheManagerPeerProviderFactory"
properties="peerDiscovery=manual,
rmiUrls=//10.100.10.12:40002/ssoSessionStore"/>

Can i have some SSL support to RMI call it is doing?

Thanks

Solution

  • I had to change ehcache source code and change few classes to support SSL. As when ehcache over rmi bootsup , it registers itself on rmiregistry. I need to start this registery via SSL context

    Look at class RMICacheManagerPeerListener.java for method startRegistry() This is main class where RMI registry starts. One who is modifying the code needs to understand then ehcache rmi code flow first. Below code is snippet of what has to be done and respectively change other methods.

    final String SSL= System.getProperty("isSSL");
  protected void startRegistry() throws RemoteException {
        try {
            LOG.info("Trying to Get Exsisting Registry =========>> ");
            if (SSL != null && SSL.equals("ssl"))
                registry = LocateRegistry.getRegistry(hostName, port.intValue(),
                        new SslRMIClientSocketFactory());
            else
                registry = LocateRegistry.getRegistry(port.intValue());
            try {
                registry.list();
            } catch (RemoteException e) {
                // may not be created. Let's create it.
                if (SSL != null && SSL.equals("ssl")) {
                    LOG.info("Registry not found, Creating New SSL =========>> ");
                    registry = LocateRegistry.createRegistry(port.intValue(),
                            new SslRMIClientSocketFactory(), new SslRMIServerSocketFactory(null, null, true));
                } else {
                    LOG.info("Registry not found, Creating New Naming registry =========>> ");
                    registry = LocateRegistry.createRegistry(port.intValue());
                }

                registryCreated = true;

            }
        } catch (ExportException exception) {
            LOG.error("Exception starting RMI registry. Error was " + exception.getMessage(), exception);
        }
    }

    Similarly i made change for method 

    bind()
notifyCacheAdded()
unbind()
disposeRMICachePeer()
populateListOfRemoteCachePeers()
bind()
init()