just wondering if the SSO communication to iProcess Object Server (using ssoJBase.jar) is encrypted and if at least the password is transmitted encrypted.
The questioner has it right. The only thing encrypted in the communication between SSO (iPSO) and the SPO server (iPOS) is the password in the login message, nothing else is encrypted.
The encryption of the password is TIBCO proprietary.
Using RMI is no help. RMI happens within SSO, method calls in the client become a stub that serializes the method
arguments and passes them to the method implementation in the RMI server. The RMI server now communicates
with the SPO server, using the exact same non-encrypted tcp-ip socket connection.
Generally, communication between the internal components of iProcess should happen inside your company's firewall.
Message was edited by: Doug Hockin
As I know jbase is not encrypted. TIBCO recommends using RMI transport to support secured connections
This Question already has a 'Best Answer'. If you believe this answer is better, you must first uncheck the current Best Answer