TPTP feature: 195644

Requirement summary

This feature should cover the work required to enhance TPTP to support secured connections.

User interactions

User interface

Should not change UI. For input of credentials, existing hyades forms could be used.

Code interfaces

Suggested minimal changes in API in client code in org.eclipse.tptp.platform.execution plugin:

- add method boolean isAuthenticated() to org.eclipse.tptp.platform.execution.client.core.IAgentController

Design summary

Security features could be implemented by two ways: native implementation, using external ssl library and Java implementation, using JSSE.

1. Native implementation.
To support ssl connections, it is suggested to use an external library openssl. This library is preinstalled on most Linux builds and is available in source and binaries for Linux and Windows. Dynamic lazy loading of this library (implemented in the 202638) will allow to use AC if the library is absent and security features are not required. On Windows, the same decision can be used: To activate security user just need to install openssl package. Other option is to use Win API to support ssl connections. Although, different implementation for each platform requires additional efforts for support.
This, native, implementation is already done and tested for Linux and has been checked into the CVS. Together with the native implementation of file services (196435), native implementation of security could give significant gain in performance.

2. Java implementation.
Intended to use JSSE via JNI calls. This implementation has significant overhead: in memory - 280-440% (see the 196435) and in performance. JNI implementation is more difficult to debug. Implementation on AC side might be the same as in the old RAC, which uses JSSE. For client side code implemented in (1) might be used.