Hi Indika, On Mon, Jul 20, 2009 at 10:19 PM, indika kumara <[email protected]>wrote:
> I am agree with asankha , > > Requirement is to enable to represent multiple identities by synapse itself > and also call to external services whose identities are different. For > first requirement it may need to expose identities at proxy services level. > For second requirement, it may need ability to specify and use multiple > client certificates at endpoint level when calling different external > services. > > Giving Multiple SSLContexts is the scalable solution. Specially, for the > requirement one, using reactor will not be scalable. Even for second > requirement. > > But, it seems in the current IOreactor implementation it is only possible > to be given one SSLContext (with IOEventDispatch). > > Seems like we need a new IOEventDispatch implementation that take Map of > SSLContexts (or composite IOEventDispatch) and then within method, +1 to this approach. I think this is the best possible solution if it's doable. Thanks, Hiranya > > > *public void connected (final IOSession session)* > > Based on information on IOSession session, pick the correct SSLContext. I > am not sure possibility of this, but Asankha or Oleg sure knows this. > > Thanks > Indika > > > > > > I guess the real use case is the ability to use multiple identity > > certificates when communicating out. A usual use case is that one > > organization would need to use an identity certificate A when talking to > an > > endpoint of Company A, and another identity certificate B when talking to > an > > endpoint of Company B etc, when using 2-way SSL. This does not > necessarily > > require the support for multiple keystores, unless I have missed > something. > > > > I have not yet looked into details.. but I do not directly see the need > for > > multiple IO reactors to support this.. but just multiple SSLContexts. > > > > cheers > > asankha > > > > -- > > Asankha C. Perera > > AdroitLogic, http://adroitlogic.org > > > > http://esbmagic.blogspot.com > > > > > > > > > > -- Hiranya Jayathilaka Software Engineer; WSO2 Inc.; http://wso2.org E-mail: [email protected]; Mobile: +94 77 633 3491 Blog: http://techfeast-hiranya.blogspot.com
