ottoka opened a new pull request #750:
URL: https://github.com/apache/james-project/pull/750
In order to limit access to trusted partners/users only, James should
support TLS with certificate-based client authentication.
For this purpose, TLS configuration is extended with the desired
authentication mode (none, optional, required), and the associated trust store
to validate any received client certificates. Example:
```
<tls socketTLS="true" startTLS="false">
...
<clientAuth required="true">
<truststore>file://conf/truststore</truststore>
<truststoreType>JKS</truststoreType>
<truststoreSecret>yoursecret</truststoreSecret>
</clientAuth>
</tls>
```
This is implemented mostly in `AbstractConfigurableAsyncServer` and
associated Netty infrastructure.
T-Shirt size M.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
