How about to avoid breaking backwards compatibiility (or introducing a new OpenWire version) just adding a new derivation of a ConnectionInfo which could take additional fields like the certificate & token etc?
On 7/19/06, Hiram Chirino <[EMAIL PROTECTED]> wrote:
Hi Sepand! On 7/18/06, Sepand M <[EMAIL PROTECTED]> wrote: > > Thanks for the info James. > > Please tell me what you think of the following: > I plan on having a new transport class that will do SSL client > certificate authentication and then override the ConnectionInfo > class's username field (we don't need a password) with the > distinguished name of the client. This sounds good. Now, that I think of it. I think that would useful for the authorization layer to be able to access the whole cert that was provided that the transport layer. Would it help if the ConnectionInfo class had an additional transient Object field that you could attach certificate info to? I could have the transport override every command's username with the > DN, but that's not needed if I use a UserIdBroker. That sounds good too. This should be ok, right? > > Thanks, > Sepand > -- Regards, Hiram Blog: http://hiramchirino.com
-- James ------- http://radio.weblogs.com/0112098/
