Patches item #567987, was opened at 2002-06-12 12:49 You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=376687&aid=567987&group_id=22866
Category: JBossSX Group: v3.0 Rabbit Hole Status: Open Resolution: None Priority: 5 Submitted By: Phil Dawes (pdawes) Assigned to: Nobody/Anonymous (nobody) Summary: Cert Auth SSL Patch For Tomcat Initial Comment: Hello All, This patch exposes the certificate chain to the jboss AuthenticationManager. This enables authentication of certificate based users via a JAAS login module (via the SecurityAssociationCallback). Unfortunately because of the way jbossSX/JAAS works, AFAICS there is no way to get the authenticated username out of the JAAS login module without resorting to non-standard hacks and breaking the authentication caching. So instead, this patch sets the authenticated principal to a SimplePrincipal with a name made up of the certificate serialnumber and issuer before invoking the isValid() method. Cheers, Phil P.S. there is no category for Tomcat integration, so I've set it to jbosssx. Sorry if this causes confusion. ---------------------------------------------------------------------- You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=376687&aid=567987&group_id=22866 _______________________________________________________________ Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
