Establishing a secure connection – PB Docs 125

Establishing a secure connection

To establish
a secure connection to EAServer,
follow these steps:

  1. Create
    an instance of the SSLServiceProvider object.

  2. Optionally use the GetGlobalProperty function
    to obtain security information from the server.

  3. Set properties required by the server using the SetGlobalProperty function.

  4. Connect to the server using the ConnectToServer function
    of the Connection object.

Creating an instance of SSLServiceProvider

This code creates an instance of the SSLServiceProvider object:

Getting information from the server

Use GetGlobalProperty to obtain information
about the security characteristics of the server. This example gets
information about supported CipherSuites from the availableQop property,
and displays the information in a drop-down list:

Setting global properties

Before you connect to the server, you must set required global
properties. This code sets qop to the value sybpks_intl
and pin to the value sybase:

Most of the properties set using SetGlobalProperty can
be set only once for the lifetime of the client executable. The
properties remain in effect when the client disconnects from or
reconnects to the server.

note.png Restarting PowerBuilder

When you run a client application in PowerBuilder, you can
set global properties only once during the
PowerBuilder session. You will need to restart PowerBuilder each
time you test the code that sets global SSL properties.

If you want to use an instance of the SSLCallback object to
obtain user input interactively, you need to set the global property
CallBackImpl. See “Using SSL callbacks”.

Connecting to the server

When you begin a secure session, the client and server exchange
messages in the SSL handshake process. The client provides information
that the server needs in order to communicate with the server, then
the server must always authenticate itself to the client before
the process can continue. If the server requires client authentication,
the client must be authenticated before the process can continue.
When the required authentication is complete, the client and server
create symmetric keys that will be used for encryption, decryption, and
tamper detection in the SSL session. To catch any exceptions that
are raised during this process, you should enclose the ConnectToServer call
in a try-catch block.

When you establish a secure connection, use iiops instead
of iiop in the location property
of the connection object. The server typically listens for secure
connections on ports 2001 or 2002. This example uses a Connection object, g_connect,
that has been declared as a global variable. The example uses the
options property of the Connection object to specify a different CypherSuite
for this connection:

Troubleshooting connections

When a secure connection fails, the error message that displays
is the same as for insecure connections. It does not provide any
additional information about the reason for failure. To obtain more
information in a log file, you can enable the ORBLogIIOP option
and specify a value for the ORBLogFile option. In the example above,
you would replace the g_connect.options statement
with something like this:

Alternatively, you can set the JAG_LOGFILE environment
variable to specify the log file in which initialization errors
are recorded.


Document get from Powerbuilder help
Thank you for watching.
Was this article helpful?
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x