In JXTA, the peer id is not centrally managed and id spoofing attack could happen on purpose or inadvertently. When that does happen, the entire system would be impaired or unable to function at all.
The CBJX is an essential JXTA security component used to verify the sender's address and certificate and drop the messages that fail the verification. With the CBJX in place, the id spoofing attack can be completely avoided. The CBJX also attaches the sender's certificate to every single incoming message. That means the authentication service is a built-in feature thanks to the CBJX. Developers can use the endpoint filter listener API to build any security policies and authorization services.
Together with other JXTA security components such as signed advertisement and SSLEngine secure pipe, CBJX can help you build end-to-end P2P enterprise applications easily.
The signed advertisement, SSLEngine based pipe, and CBJX features are submitted right now to the Issue #103. If that generates enough interests, the features could perhaps be integrated into the next official release.