[
https://issues.apache.org/activemq/browse/AMQ-1659?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=42172#action_42172
]
ericdwhite edited comment on AMQ-1659 at 4/10/08 5:51 AM:
----------------------------------------------------------
https://issues.apache.org/activemq/secure/attachment/16327/amq-411-simple-version.patch
This file is for ActiveMQ 4.1.1
I have tested this file locally and it works for me.
In this version only boolean properties are used. This make it impossible to
know if the property was set on the Transport URL or not.
My personal belief is the complex version is better, but I supplied both as I'm
unsure how the maintainers would like to see the issue resolved.
was (Author: ericdwhite):
This file is for ActiveMQ 4.1.1
I have tested this file locally and it works for me.
In this version only boolean properties are used. This make it impossible to
know if the property was set on the Transport URL or not.
My personal belief is the complex version is better, but I supplied both as I'm
unsure how the maintainers would like to see the issue resolved.
> SSL Transport configured in wantClientAuth mode never asks for the client
> certificate during the SSL Handshake
> --------------------------------------------------------------------------------------------------------------
>
> Key: AMQ-1659
> URL: https://issues.apache.org/activemq/browse/AMQ-1659
> Project: ActiveMQ
> Issue Type: Bug
> Components: Transport
> Affects Versions: 4.1.1
> Environment: I think this is for all environments, it may be JDK
> dependent though.
> I tested on:
> Linux 2.6.20-gentoo-r7
> java version "1.6.0"
> Java(TM) SE Runtime Environment (build 1.6.0-b105)
> Java HotSpot(TM) 64-Bit Server VM (build 1.6.0-b105, mixed mode)
> Reporter: Eric White
> Fix For: 4.1.1
>
> Attachments: amq-411-complex-version.patch,
> amq-411-simple-version.patch, amq-500-complex-version.patch,
> amq-500-simple-version.patch
>
> Original Estimate: 2 days
> Remaining Estimate: 2 days
>
> See:
> http://java.sun.com/javase/6/docs/api/javax/net/ssl/SSLServerSocket.html#setWantClientAuth(boolean)
> "
> A socket's client authentication setting is one of the following:
> * client authentication required
> * client authentication requested
> * no client authentication desired
> "
> In the API it indicates that if you call either setWantClientAuth, or
> setNeedClientAuth it will override the call to the other.
> Therefor I believe the following code only allows for ActiveMQ to be in two
> states:
> * Client Authentication Required (needClientAuth==true)
> * No client Authentication Desired (needClientAuth==false)
> activemq-core/src/main/java/org/apache/activemq/transport/tcp/SslTransportServer.java
> As setWantClientAuth is overridden by setNeedClientAuth.
> public void bind() throws IOException {
> super.bind();
> ((SSLServerSocket)this.serverSocket).setWantClientAuth(wantClientAuth);
> ((SSLServerSocket)this.serverSocket).setNeedClientAuth(needClientAuth);
> }
> I believe this the same issue as this Jetty issue:
> http://jira.codehaus.org/browse/JETTY-86
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
