[jira] [Commented] (ARTEMIS-1264) Client authentication via Kerberos TLS Cipher Suites (RFC 2712)

Fri, 30 Jun 2017 06:06:20 -0700 

    [ 
https://issues.apache.org/jira/browse/ARTEMIS-1264?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16070061#comment-16070061
 ] 

ASF GitHub Bot commented on ARTEMIS-1264:
-----------------------------------------

GitHub user gtully opened a pull request:

    https://github.com/apache/activemq-artemis/pull/1379

    https://issues.apache.org/jira/browse/ARTEMIS-1264

    first cut poc for the core client with netty connector and acceptor doing 
kerberos
    jaas.doAs around sslengine init such that the SSL handshake can do kerberos 
ticket
    generaton and validation.
    The kerberos authenticate user is then validated with the security manager 
before
    being populated into the message userId.
    The feature is enabled with the kerb5Config property. When lowercase it is 
the
    principal. With a leading uppercase char it is the login.config entry to 
use.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/gtully/activemq-artemis ARTEMIS-1264

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/activemq-artemis/pull/1379.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1379
    
----
commit c17227e77d5557bba71daa791aab63937e256891
Author: gtully <[email protected]>
Date:   2017-06-30T12:56:24Z

    https://issues.apache.org/jira/browse/ARTEMIS-1264
    
    first cut poc for the core client with netty connector and acceptor doing 
kerberos
    jaas.doAs around sslengine init such that the SSL handshake can do kerberos 
ticket
    generaton and validation.
    The kerberos authenticate user is then validated with the security manager 
before
    being populated into the message userId.
    The feature is enabled with the kerb5Config property. When lowercase it is 
the
    principal. With a leading uppercase char it is the login.config entry to 
use.

----


> Client authentication via Kerberos TLS Cipher Suites (RFC 2712)
> ---------------------------------------------------------------
>
>                 Key: ARTEMIS-1264
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-1264
>             Project: ActiveMQ Artemis
>          Issue Type: New Feature
>    Affects Versions: 2.1.0
>            Reporter: Gary Tully
>            Assignee: Gary Tully
>
> Allow a client authenticated with a kerberos credential to authenticate to 
> the broker using SSL via the Kerberos cipher suites.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to