[
https://issues.apache.org/jira/browse/DISPATCH-204?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15243235#comment-15243235
]
Ganesh Murthy commented on DISPATCH-204:
----------------------------------------
This was fixed as part of the checkin for DISPATCH-200
> Identity mapping from X.509 certificate data to a descriptive nickname
> ----------------------------------------------------------------------
>
> Key: DISPATCH-204
> URL: https://issues.apache.org/jira/browse/DISPATCH-204
> Project: Qpid Dispatch
> Issue Type: New Feature
> Components: Container
> Reporter: Ted Ross
> Assignee: Ganesh Murthy
> Fix For: 0.7
>
>
> This is an enhancement for the feature introduced in DISPATCH-200 (Flexible
> mapping from x.509 certificates to an identity).
> There are cases in which the best identifier for a client certificate is the
> fingerprint. Since the fingerprint is not very user/operator-friendly, it is
> useful to provide a facility to map the DISPATCH-200 identifier to a more
> people-friendly nickname.
> The mappings shall be held in a persistent store (a json-file in the config
> directory would be a good start). The only available management operation on
> this data set shall be to reload the data file, presumably with updated
> mappings. It would be a potential security vulnerability to provide direct
> management access to the content of the mapping.
> The identities that come from the mappings (i.e. the nicknames) shall be used
> to annotate the AMQP connections (for management visibility) and to index
> into the access/resource policy for each connection.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
