This lesson discusses how to configure the Openwings install
service so that it authenticates installable component Jar files
before installing them.
Before starting Openwings, edit the file ${OW_HOME}/openwings-1.0/policies/properties.txt.
Look for the property net.openwings.install.jar_authentication.
This property has three acceptable values (case insensitive):
None means that the Installer will not attempt
to perform any jar file authentication.Authenticated means that the Installer will attempt
to check signatures on the jarfile against the Openwings keystore.
The installation will only be allowed if the certificate can
be verified.Trusted means that the Installer will attempt
to check signatures on the jarfile against the Openwings keystore.
The installation will only be allowed if the certificate can
be verified and is from a trusted source.
Set the desired setting and save the properties.txt file. Now
restart the Openwings core using ow.csh or ow.bat. The Install
Service will run in secure mode.
The next lesson shows you how to configure your components to
pass this security check.
Next: Sign
a Secure Component
