Securing network communication between Business Process Server components

Business Process Server supports RMI over IIOP (RMI/IIO) protocol to communicate between EJB and portal components. This protocol is not encrypted. To make the network communication more secure by encryption, RMI over IIOP can be sent through SSL protocol. This technique is called RMI over IIOP over SSL (RMI/IIOP/SSL). SSL is standard industry protocol to provide authentication, non-repudiation and encryption functionality.

Business Process Server does not provide RMI/IIOP/SSL functionality but relies on J2EE compliant application servers to provide this functionality. Since RMI/IIOP/SSL is not a standard part of J2EE, this functionality may not be available to all application servers. Refer to your application server documentation on enabling this functionality.

RMI/IIOP is supplied via object request brokers (ORB). Security standards do not exist for interoperability between ORBs. When RMI/IIOP/SSL is enabled, a client ORB from one vendor will not work with a server ORB from another vendor.

For more information about RMI/IIOP/SSL for your application server, refer to your application server documentation.