Sorry couldn't be much help and I don't know who has this expertise. I haven't read it, but the sample chapter for O'Reilly's Tomcat book is on security - so I don't know if that might help:
http://www.oreilly.com/catalog/tomcat/chapter/ch06.pdf Niall ----- Original Message ----- From: "Michael McGrady" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" <[EMAIL PROTECTED]> Sent: Saturday, March 27, 2004 3:34 PM Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception > I really appreciate your effort on this Niall. I am at a loss > presently. I suspect it is Tomcat that is the problem, since I have no > trouble with running a DH generator from the command line. But, why Tomcat > should be the problem is beyond me. I would imagine it must be because > there is some web security issue arising. But this is all just wild > speculation. I really have no idea what is up. Do you know anyone on the > list who is particularly expert in this area, other than the usual suspects > like Craig, who get used too much? > > At 03:52 AM 3/27/2004, you wrote: > >Sorry, that one line reply of mine is about the limit of my knowledge. > >Looking at the SSL docs for Tomcat 5, it has a section on configuring JSSE - > >but it says if you are using Java 1.4.x you can skip the whole step. It also > >says in the troubleshooting at the end that if you get > >"java.security.NoSuchAlgorithmException" errors then its because the JVM > >cannot find the JSSE JAR files. > > > >http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html > > > >I don't know if these are any use, but I found these in the Tomcat User > >List: > > > >http://www.mail-archive.com/[EMAIL PROTECTED]/msg119351.html > >http://www.mail-archive.com/[EMAIL PROTECTED]/msg102382.html > > > > > >Niall > > > >----- Original Message ----- > >From: "Michael McGrady" <[EMAIL PROTECTED]> > >To: "Struts Users Mailing List" <[EMAIL PROTECTED]> > >Sent: Saturday, March 27, 2004 7:59 AM > >Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception > > > > > > > Also, Niall, from the same j2se I can use the KeyPairGenerator for > > > Diffie-Hellman by running main through a command line, but not through > > > Tomcat. So, my reasoning is that it has to be Tomcat? No? I know that > > > through Tomcat it seems to access SunJSSE but not through the command > > > line. What is going on is beyond me at the present. I don't know enough > > > about JSSE to sort this out, I think. I may be wrong about the problem, > > > however. > > > > > > At 10:37 PM 3/26/2004, you wrote: > > > >I get the same problem when tomcat uses Java 1.3.1_04 - i.e. works for > >RSA, > > > >but not DH - when I switch to Java 1.4.2_01, everything is OK. > > > > > > > >Niall > > > > > > > >----- Original Message ----- > > > >From: "Michael McGrady" <[EMAIL PROTECTED]> > > > >To: "Struts Users Mailing List" <[EMAIL PROTECTED]> > > > >Sent: Saturday, March 27, 2004 4:56 AM > > > >Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception > > > > > > > > > > > > > I find that Tomcat has the JCE.jar without a KeyPairGenerator class. > >Yet, > > > > > when I go for KeyPairGenerator.getInstance("RSA") it works but > > > > > KeyPairGenerator.getInstance("DH") does not. Both jce.jar and > > > > > sunjce_provider.jar have DH keys. I just cannot figure what is going > >on > > > > > here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/. > >HELP! > > > >LOL! > > > > > > > > > > At 08:14 PM 3/26/2004, you wrote: > > > > > >When I am using Tomcat I get a security exception when I try to > >access a > > > > > >java.security.KeyPairGenerator for a Diffie-Hellman key pair. I > >don't > > > >get > > > > > >it with other servers. Anyone know why this is? > > > > > > > > > > > > > > > > > >java.security.NoSuchAlgorithmException: DH KeyPairGenerator not > >available > > > > > > java.security.Security.getEngineClassName(Security.java:583) > > > > > > java.security.Security.getEngineClassName(Security.java:594) > > > > > > java.security.Security.getImpl(Security.java:1043) > > > > > > > > > >java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146) > > > > > > > > > >org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57) > > > > > > > > > >org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137) > > > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856) > > > > > > > > > > > > > > > > > >org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java: > > > >204) > > > > > > > > > > > > > >org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295) > > > > > > > > > >org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241) > > > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >--------------------------------------------------------------------- > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
