E-mail:
Password

Login

• Forgot password?
• Create profile

• support.sas.com

• Knowledge Base

• Support

• Training & Bookstore

• Community

FOCUS AREAS

• Base SAS
• Data Visualization
• Enterprise Management Integration
• Migration
• Scalability & Performance
• Statistics & Operations Research
• SAS AppDev Studio

Developer Resources

• Reference
• Examples
• Product Information
• SAS Notes
• Software Downloads
• System Requirements

Products

• webAF Software
• webEIS Software
• SAS/IntrNet Software
• SAS/AF Software
• SAS Integration Technologies

Technologies

• Applets/Applications
• Web Applications
• Wireless Apps

API Reference

• Component API
• J2SE API
• J2EE API

SAS AppDev Studio 3.0 Developer's Site

Using SAS/SECURE Encrypted Connections in SAS AppDev Studio

Introduction

SAS/SECURE software provides encryption services to increase the security of transmissions across a network. These encryption services can be used from remote Java clients via the classes that are provided in the sas.rutil.jar file, which is provided with the SAS/SECURE product. The purpose of this document is to describe how to use the SAS/SECURE encrytion services to implement secure connections from the applets, applications, and Web applications that you develop using SAS AppDev Studio.

Specifying Encryption Settings on the Connection

SAS AppDev Studio provides a Connection component (com.sas.rmi.Connection) that is used to define the network connection between the Java client and the back-end SAS server. The Connection component provides options that support the use of SAS/SECURE software to encrypt the data as it is transferred across the network. These options can be accessed from the Encryption tab of the Edit Connection dialog box.

To enable encryption on the connection, select the Use Encryption check box. When the Use Encryption check box is selected, then you can set or edit the following encryption settings:

Policy

Select Optional or Required from this drop-down list to determine whether the password and the user ID information is encrypted.

Algorithms

Use these selection lists to set the industry-standard encryption algorithms that you want to use in conjunction with your Policy and Context settings.

Context

Select one of the following items from the drop-down list:

• SAS to encrypt all communication between SAS and your project.
• Telnet to encrypt all communication between your spawner connection and your project.
• Both to encrypt all communication between SAS, your spawner, and your project.

Content

Select either All or Authenticated to determine which content is encrypted.

Once you have specified your encryption settings, you can test your encrypted connection by selecting the Test tab in the Edit Connection dialog box and using the available diagnostics.

Secure Connections from Java Applets using JSASNetCopy

To provide for enhanced deployment of Java applets, SAS AppDev Studio includes a technology called JSASNetCopy that will automatically download and cache the necessary support libraries for use in a Java applet context. Starting with SAS AppDev Studio 3.0, JSASNetCopy is distributed using a Web Application Archive (WAR) file. Due to encryption export restrictions, SAS AppDev Studio and JSASNetCopy do not include support for SAS/SECURE by default. As a result, you have to modify the JSASNetCopy WAR file to include the sas.rutil.jar file if you want to use encrypted connections from Java applets that are deployed using JSASNetCopy.

The JSASNetCopy WAR file (JSASNetCopy.war) is installed in the \Java\JSASNetCopy folder under the SAS AppDev Studio root installation folder. To modify the JSASNetCopy WAR file to include the sas.rutil.jar file, follow these steps:

1. When you install SAS/SECURE software, a sasecjav.zip file containing the sas.rutil.jar file is created in the !sasroot\securwin\sasmisc\ folder. Copy the sas.rutil.jar file to the \Java\SAS\ext folder under the SAS AppDev Studio root installation folder.
2. Start webAF.
3. Select Tools Update JSASNetCopy.war.
4. Deploy the modified JSASNetCopy.war file.

After performing these steps, the JSASNetCopy.war file will include the sas.rutil.jar file. In addition, the configuration file (JSASNetCopyConfig.txt) that is contained in the JSASNetCopy.war file will include a reference to the sas.rutil.jar file so that it is automatically downloaded for any applets that are executed using JSASNetCopy.

Optionally, you can leave the JSASNetCopy.war file unmodified and simply include the sas.rutil.jar file on an applet-by-applet basis. You can do this by deploying the sas.rutil.jar file to your Web server and then, in the same location where the applet HTML is deployed, creating a JSASNetCopyConfig.txt file that refers to the deployed sas.rutil.jar file. The local JSASNetCopy configuration file is used to augment or override information that is provided in the master JSASNetCopy configuration file. So, in the case of SAS/SECURE software, this file only needs to contain information about the sas.rutil.jar file. For details on how to use a local JSASNetCopy configuration file, see the JSASNetCopy Administration Guide.

Secure Connections from Java Applications

To support encrypted connections from Java applications, the sas.rutil.jar file must be included in the application classpath. To include the sas.rutil.jar file on the application classpath during development, you must modify the project properties for the application project, as follows:

1. Start webAF.
2. Open your application project.
3. Select File Project Properties. In the Project Properties dialog box, select Environment in the tree on the left.
4. For the Environment properties, select the For this project only, add these entries to the Classpath check box. Then add the fully-qualified path for the sas.rutil.jar file in the text entry field as shown below:
   
   
   
   
5. Click OK to save the changes to the project classpath.

Now, when you start your application project by selecting Build Execute, the sas.app.class.path is updated to include the sas.rutil.jar file. This enables you to make secure connections from your Java application.

If you want to include the sas.rutil.jar file in the classpath for all the new projects that you create, you can add it to the webAF application options by following these steps:

1. Start webAF.
2. Select Tools Options. In the Options window, select Environment in the tree on the left.
3. For the Environment options, add the fully-qualified path for the sas.rutil.jar file to the Add these entries to the Classpath text entry field as shown below:
   
   
   
   
4. Click OK to save the changes to the webAF application options.

Now, for any projects that are subsequently created, the sas.rutil.jar file will be automatically added to the classpath. Note that this change does not impact any already existing projects. You must change any pre-existing projects to include the sas.rutil.jar file using the project options for that project as described above.

To invoke your deployed Java application with support for SAS/SECURE encrypted connections, you must make sure to include the sas.rutil.jar file in the classpath.

Secure Connections from Java Applications using the SAS Application Launcher

You can also use the SAS application launcher (sas.launcher.jar) to invoke your Java application. The following instructions for using the sas.rutil.jar file with the SAS application launcher assume the following:

• The SAS extension JAR files from the \Java\SAS\ext folder have been deployed to the c:\sas\java\ext folder.
• The sas.launcher.jar file from \webAF\bootlib folder has been deployed to the c:\sas\java\bootlib folder.
• Your application classes have been deployed to c:\myapp.
• Your application's main class is myapp.class.
• The Java Runtime Environment is installed at c:\jre1.4.1.

Based upon the above assumptions, to enable your application to use an encrypted connection via SAS/SECURE, you need to copy the sas.rutil.jar file to the folder where you have deployed the other SAS extension JAR files (c:\sas\java\ext), and then invoke the application using the SAS application launcher as follows (this single-line command has been split to make it easier to read):

c:\jre1.4.1\bin\java.exe
  -Dsas.app.class.dirs=c:\sas\java\ext;c:\jre1.4.1\lib\ext;
  -Dsas.app.class.path=c:\myapp
  -classpath=c:\sas\java\bootlib\sas.launcher.jar
  myapp <application-parameters>

The benefit of using the SAS application launcher is that it prevents your Java application from being impacted by a potential classloader deadlock situation that can exist in J2SE 1.4.

Secure Connections from Web Applications

To support encrypted connections from web applications, you only need to copy sas.rutil.jar to your Web application's WEB-INF\lib folder. It can then be packaged into the Web application's WAR file using the webAF Package Wizard.

Contact Us | Sitemap | RSS Feeds | www.sas.com | Terms of Use & Legal Information | Privacy Statement