FYI

We now have a keystore per user along with keystore management functionality exposed in the UI. It works as follows at present.

- A keystore is 'cloned' using the server keystore at user registration and stored in the registry.
- A user can manage the certificates in his/her keystore using the 'Certificate Manager' page, accessible through the 'Tasks' panel.
- The management UI allows a user to add trusted certificates to sites and delete them if required.
- A custom protocol handler is in place, which retrieves a user keystore from the registry and uses the certificates stored within to make https connections on demand (currently the Sharing service uses this).

Example scenario
----------------

- User tries to share a mashup to another server in a separate domain. HTTPS is required and a certificate for that domain is not available in the user keystore.
- Sharing fails. The dialog informs the user of the reason for the failure along with a link to the 'Certificate Manager' page.
- The user obtains the public certificate for this domain and adds it to his/her keystore and retries. The sharing service picks up the new certificate and successfully shares the mashup.

We can potentially extend this feature to obtain certificates just by giving the URL of a site. The WSRequest host object will have to be changed to use the custom protocol handler as well.

Tyrell

--
Tyrell Perera
Senior Software Engineer; WSO2, Inc.; http://www.wso2.com/
email: [EMAIL PROTECTED]; cell: +94 77 302 2505
"Oxygenating the Web Service Platform."

_______________________________________________
Mashup-dev mailing list
[email protected]
http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
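The flow described in the message above (clone at registration, add a site certificate, make an HTTPS connection that trusts only the user's store), as an added example that is not code from the Mashup Server or from the author. The class and method names are hypothetical; copying only certificate entries (not private keys) into the user store and using the JVM's `cacerts` file as a stand-in for the server keystore are assumptions of this example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class UserTrustExample {            // hypothetical name
    // Registration: copy only trusted-certificate entries into a fresh per-user store,
    // so the server's private-key entries never reach a user-managed keystore.
    static KeyStore cloneTrustedCerts(KeyStore server) throws Exception {
        KeyStore user = KeyStore.getInstance(KeyStore.getDefaultType());
        user.load(null, null);             // empty in-memory store
        for (String alias : Collections.list(server.aliases())) {
            if (server.isCertificateEntry(alias)) {
                user.setCertificateEntry(alias, server.getCertificate(alias));
            }
        }
        return user;
    }
    // 'Certificate Manager' add: parse the uploaded PEM/DER data and reject expired certificates.
    static void addTrustedCert(KeyStore user, String alias, InputStream certData) throws Exception {
        X509Certificate cert = (X509Certificate)
                CertificateFactory.getInstance("X.509").generateCertificate(certData);
        cert.checkValidity();              // throws if expired or not yet valid
        user.setCertificateEntry(alias, cert);
    }
    // Protocol handler: trust is scoped to this one connection; the JVM-wide default
    // SSLSocketFactory is untouched, so one user's additions do not affect other users.
    static HttpsURLConnection open(URL url, KeyStore user) throws Exception {
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(user);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        return conn;                       // handshake fails if the site's cert is not in 'user'
    }
    public static void main(String[] args) throws Exception {
        // Stand-in server keystore (assumption): the JVM's cacerts with its default password.
        KeyStore server = KeyStore.getInstance(KeyStore.getDefaultType());
        String path = System.getProperty("java.home") + "/lib/security/cacerts";
        try (InputStream in = new FileInputStream(path)) { server.load(in, "changeit".toCharArray()); }
        KeyStore user = cloneTrustedCerts(server);
        System.out.println("server entries: " + server.size() + ", user trust entries: " + user.size());
    }
}
```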
