Message Security Layer
The MSL Framework provides a complete description of the framework and its implementation requirements. The Configuration Guide presents some common client and server MSL configurations. The framework documentation and configuration guide were reviewed by an external security firm. No issues were identified.
The set of public interfaces and classes an application must implement and use is documented in the Public Javadoc. Documentation on all of the code, including internal classes and private methods, can be found in the full Javadoc.
All third-party libraries are subject to their respective license agreements.
To build an application that uses MSL for communication, you must read through and understand the MSL Framework. This is necessary because unlike other security protocols and libraries, you must make choices about how to secure your communication and authenticate your entities and users. The Configuration Guide can help you make those decisions.
The application interface to the MSL stack is
MslControl. The application configuration for a single MSL network is an instance of
MslContext. Your application may participate in multiple MSL networks and therefore have multiple instances of
MslContext but only one
MslControl should be used. Message-specific configuration, such as the user or security properties of that message, are specified in individual instances of
IntelliJ IDEA users should import the Java MSL code as a Gradle project.
Eclipse users should use the Gradle IDE (available in the Eclipse Marketplace) and Web Tools Platform (included with the Eclipse IDE for Java EE developers) to import the Java MSL code as a Gradle project.
An example server is provided under examples/simple/src/main/java/server/. The Eclipse Gradle plugin will import this project as a web project that can be deployed onto a Tomcat server. IntelliJ users must manually configure a run configuration to deploy the project artifact into
Integration tests are provided under integ-tests/src/main/java/. These tests can be run using the
integ-tests Gradle target
test. The Eclipse Gradle plugin will import this project as a web project that can be deployed onto a Tomcat server. IntelliJ users must manually configure a run configuration to deploy the project artifact into
A command line client and server is provided under examples/mslcli/src/main/java/. The command line client can be configured to work with any MSL server. The command line server is an example MSL server that must be run from the command line. See examples/mslcli/readme.txt for more details.
You may need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files to use cryptographic keys above a certain size.
- Chrome Browser 37+
For earlier versions:
On Linux libnss 3.16.2+ must be separately installed.
- Firefox 34+
For earlier versions:
- Internet Explorer 11+
- Safari 8+
Your browser may not support all Web Crypto API algorithms, key sizes, and features. If you encounter a problem with a Web Crypto operation please check the release notes for your browser version to determine if it supports what you are trying to do.
Copyright 2014 Netflix, Inc.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.