[jboss-user] [Security & JAAS/JBoss] - Alternative Verifiers instead of AnyCertVerifier
fthurber
do-not-reply at jboss.com
Wed Apr 1 17:21:03 EDT 2009
Are there any other Certificate Verifers for BaseCertLoginModule besides the AnyCertVerifier?
AnyCertVerifier is the only one I saw in the source code, but it is too permissive. It does not even check the expiration date.
If no verifier is specified, BaseCertLoginModule does the verification, but it imposes an odious requirement for the alias name (it has to be the DN or CN from the certificate).
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4222801#4222801
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4222801
More information about the jboss-user
mailing list