MemberzPlus

Leading Members To New Heights

Ross Group Inc   Client Portal  |  (800) 652-4985  |  Contact    Get Started 
Subscribe Today!  

The
MemberzPlus
Blog

Read what we are talking about



Setting up JBoss6 Security

for the MemberzPlus installer

In prior releases of MemberzPlus, there has been no need to do anything special to enable strong encryption other than installing the unlimited key policy jar files. As of Version 6 of JBoss, the security model has changed. Now we have to install the Java Cryptography Extension (JCE) provider at the JDK level. In other words, it has to be installed in the Java system, rather than in the JBoss application.

MemberzPlus uses the Bouncy Castle JCE provider. This is a popular choice due to the fact that it is open source and has a huge customer base. Free is good. In previous versions of MemberzPlus, we just put the Bouncy Castle jar files in the /lib/ext folder in JBoss and everything worked fine. Now we need to put them in the Java environment:

1) Copy the Bouncy Castle jars (bcprov-jdk16-144.jar, bcpg-jdk16-144.jar) to {java home}/jre/lib/ext.

2) Update the {java home}/jre/lib/security/java.security file to add the Bouncy Castle Provider by adding this to the list of providers:

security.provider.9=org.bouncycastle.jce.provider.BouncyCastleProvider

Alan Moor
Alan Moor
VP of Software Development

Mr. Moor joined the team in 1996 as an experienced developer in Oracle, PL/SQL, and PowerBuilder. He has been a team lead and project manager of many high visibility projects including lead on the roll-out of our membership management software MemberzPlus to a membership organization over five million members. Mr. Moor is an Air Force Veteran with 8 years of service and served on the board of the Turner Syndrome Society. Mr. Moor has over 25 years experience in software development in a variety of technical disciplines including Oracle and Java.