Appendix D. Example Programs
This appendix provides a brief description of all the example programs covered in the book. The source code, execution script and readme files corresponding to these examples can be found in the srcjsbook subdirectory of the JSTK (Java Security Tool Kit), the software accompanying the book, installation directory. Examples belonging to a particular chapter are grouped together within ch<nn> subdirectory of this directory, where <nn> denotes the chapter number.
Refer to Appendix C: JSTK Tools for more information on JSTK.
An example has a label of the format: Example ch<nn>-<exdir>, where <nn> stands for the chapter number and <exdir> stands for the example subdirectory. The source files, scripts and other files corresponding to Example ch<nn>-<exdir> can be found in the subdirectory srcjsbookch<nn><exidr> of the JSTK installation. For example, Example ch3-ex1 refers to the first example of the chapter Cryptography with Java and has its sources in the subdirectory srcjsbookch3ex1.
| Example | Description |
|---|---|
| ch3-ex1 | Independent programs to perform cryptographic operations:
|
| ch4-ex1 | Programs to read DER (Distinguished Encoding Rules) encoded X.509 certificate, certificate chain and certificate revocation list and display human readable information. |
| ch5-ex1, ch5-ex2, ch5-ex3, ch5-ex4, ch5-ex5 | Example programs to illustrate Java policy files and permissions-based on code origin, code signer and logged-in user. |
| ch5-pt | Program to measure performance overhead of Java policy-based permission checks. |
| ch5-bank | Program to simulate banking operations. Illustrates policy-based access to authorize banking operations. |
| ch7-ex1 | Program to create and verify XML Signature using VeriSign's TSIK API. |
| ch7-ex2 | Program to create and verify XML Signature using Infomosaic's SecureXML API. |
| ch7-ex3 | Program to perform XML Encryption and Decryption using symmetric and asymmetric algorithms. |
| ch8-ex1 | Example ch5-bank enhanced to use RMI. |
| ch8-ex2 | Example ch8-ex1 enhanced to use Java policy-based authorization. |
| ch9-rmb | Rudimentary Message Board application. Allows users to view, post and remove messages through a browser. Tested under Apache Tomcat. |
| ch9-rmb2 | Example ch8-rmb secured with Web application security. Tested under Apache Tomcat. |
| ch10-ex1 | A simple Echo EJB and its client. Tested under BEA WebLogic 7.0 SP2. |
| ch10-ex2 | Example ch10-ex1 secured with user login. BEA WebLogic 7.0 SP2. |
| ch10-ex3 | Example ch10-ex1 and a gateway EJB to illustrate identity propagation and delegation. Tested under BEA WebLogic 7.0 SP2. |
| ch11-ex1 | A simple echo Web service and DII (Dynamic Invocation Interface) client. Tested under Apache Axis. |
| ch11-ex2 | Example ch11-ex1 modified to use WS-Security handlers to secure SOAP messages. Tested under Apache Axis. |
| ch11-wss | Programs to perform WS Security operations on a SOAP message using VeriSign's TSIK and WSSecurity library: signing, encryption, verification, and decryption. |
| ch11-wss4axis | JAX-RPC handlers for Apache Axis, for both client and service, for applying WS-Security. Used by Example ch11-ex2. Tested under Apache Axis. |