[jboss-user] [Security & JAAS/JBoss] - Alternative Verifiers instead of AnyCertVerifier

fthurber do-not-reply at jboss.com
Wed Apr 1 17:21:03 EDT 2009


Are there any other Certificate Verifers for BaseCertLoginModule besides the AnyCertVerifier?

AnyCertVerifier  is the only one I saw in the source code, but it is too permissive.  It does not even check the expiration date.

If no verifier is specified, BaseCertLoginModule does the verification, but it imposes an odious requirement for the alias name (it has to be the DN or CN from the certificate).

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4222801#4222801

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4222801



More information about the jboss-user mailing list