[
https://issues.apache.org/jira/browse/GERONIMO-1930?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12566184#action_12566184
]
David Jencks commented on GERONIMO-1930:
----------------------------------------
I don't think it's appropriate for any of our existing login modules to be
aware of a truststore because they all assume any certificate chain they see
results from an already estabished ssl/tls connection. Thus, in order to get
to the login module, the truststore must have been known by the connection
machinery. So, generally the solution to this kind of problem should be to
make the connection machinery aware of the geronimo keystore machinery, as is
for instance done in the jetty integration.
As Vamsi pointed out in a mailing list reply you can always use a
SystemPropertiesGBean to set system properties if you can't make the connection
machinery geronimo-keystore-aware.
> Make security realm types into GBeans so they can be added in new/updated
> configurations
> ----------------------------------------------------------------------------------------
>
> Key: GERONIMO-1930
> URL: https://issues.apache.org/jira/browse/GERONIMO-1930
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: console, security
> Affects Versions: 1.1
> Reporter: Aaron Mulder
> Fix For: 1.x
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
