We have an AXIS client that needs to access a AXIS server. This AXIS client has different ID that are reprsented by different certificates. While the server connects to multiple databases at the back end. The client has to use a specific certificate represents itself and to indicate which database it wants to query. The query are done through the same AXIS server.
So obvious, the same client needs to create multiple SSL connections to the same AXIS. I think this is possible, at least on the client side to create different binding objects. For instance, we have two certificates. cert1 saves in file1, while cert2 saves in file2. When the client is started up, we tell the JVM to point to the keystore file to file1 and then we create one binding object. At this point, the cert1 is used in the SSL handshake. Then we use the same system variable to point to the second file2 and then we create a second binding object. This time, the cert2 is used. Thereafter, we use the specific binding object (that is associated with a proper certificate) to talk with the same AXIS server. What really happens on the server side? I think an web application can definitely establish multiple SSL connections with its client, just like so many online applications. but how are these connections managed? Is it true that the container listens and accepts connection requests and then call AxisServlet in different threads. Also about client-cert declaration, how far is it possible to only declare use client-cert, but not enable transport-garantee? So only certificate based authentication, but no data encrytion. Also when we use the JSSE on the client side, we do not need to do any coding specifically (we do set all the JSSE system environables). When we enable SSL, the same certificate will be used for both SSL authentication and application authentication. Anyone does this (not only SSL, but also cert based authentication)? Thanks for the feedback.
