-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Update: Now a user can just type the URL of a trusted site and the certificate chain will be retrieved and added to the user keystore by the Mashup Server. Tyrell Tyrell Perera wrote: | FYI | | We now have a keystore per user along with keystore management | functionality exposed in the UI. It works as follows at present. | | ~ - A keystore is 'cloned' using the server keystore at user registration | and stored in the registry. | | ~ - A user can manage the certificates in his/her keystore using the | 'Certificate Manager' page, accessible through the 'Tasks' panel | | ~ - The management UI allows a user to add trusted certificates to sites | ans delete them if required | | ~ - A custom protocol handler is in place, which retrieves a user | keystore from the registry and uses the certificates stored within to | make https connections on demand (Currently the Sharing service uses this). | | | Example scenario | ---------------- | | - User tries to share a mashup to another server in a separate domain. | HTTPS is required and a certificate for that domain is not available in | the user keystore. | | - Sharing fails. The dialog informs the user the reason for the failure | along with a link to the 'Certificate Manager' page. | | ~ - The User obtains the public certificate for this domain and adds it | to his/her keystore and retries. The sharing service picks up the new | certificate and successfully shares the mashup. | | | We can potentially extend this feature to obtain certificates just by | giving the URL of a site. The WSRequest host object, will have to be | changed to use the custom protocol handler as well. | | | Tyrell | | _______________________________________________ Mashup-dev mailing list [email protected] http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev - -- Tyrell Perera Senior Software Engineer; WSO2, Inc.; http://www.wso2.com/ email: [EMAIL PROTECTED]; cell: +94 77 302 2505 "Oxygenating the Web Service Platform." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFILgGTehFdPcgGx7oRAqbcAKCyI/ry0uyoEFaKZ8WSeDIfVyd78gCfZlUW anTe1X0Jbatu07kxwlmGXrk= =Phsp -----END PGP SIGNATURE----- _______________________________________________ Mashup-dev mailing list [email protected] http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
