[
https://issues.jboss.org/browse/ISPN-4313?page=com.atlassian.jira.plugin....
]
Vijay Bhaskar Chintalapati updated ISPN-4313:
---------------------------------------------
Description:
Currently the Infinispan Server can be configured with SSL encryption such that it
requires the client to authenticate itself to the server for the purposes of encryption.
This can be done by setting the attribute require-ssl-client-auth="true" as
shown below.
<hotrod-connector
socket-binding="hotrod" cache-container="security">
....
<encryption
security-realm="ApplicationRealm" require-ssl-client-auth="true"/>
....
</hotrod>
But when that attribute is set to "true" a check should be enforced to check the
existence of the the <truststore .. /> element exists in secruity-realm's
<authentication>.
If the check on the configuration fails, the server should throw and error on bootup
rather than fail when client connections start to come in.
was:
Currently the Infinispan Server can be configured with SSL encryption such that it
requires the client to authenticate itself to the server for the purposes of encryption.
This can be done by setting the attribute require-ssl-client-auth="true" as
shown below.
<hotrod-connector
socket-binding="hotrod" cache-container="security">
....
<encryption
security-realm="ApplicationRealm" require-ssl-client-auth="true"/>
....
</hotrod>
But when that attribute is set to "true" a check should be enforced to check the
existence of the the <truststore .. /> element exists in secruity-realm's
<authentication>
If Hotrod Server encryption's require-ssl-client-auth is set to
true, <truststore .. /> existence must be checked
-----------------------------------------------------------------------------------------------------------------
Key: ISPN-4313
URL:
https://issues.jboss.org/browse/ISPN-4313
Project: Infinispan
Issue Type: Bug
Components: Configuration, Security
Affects Versions: 7.0.0.Alpha4
Reporter: Vijay Bhaskar Chintalapati
Assignee: Dan Berindei
Priority: Critical
Currently the Infinispan Server can be configured with SSL encryption such that it
requires the client to authenticate itself to the server for the purposes of encryption.
This can be done by setting the attribute require-ssl-client-auth="true" as
shown below.
<hotrod-connector
socket-binding="hotrod" cache-container="security">
....
<encryption
security-realm="ApplicationRealm" require-ssl-client-auth="true"/>
....
</hotrod>
But when that attribute is set to "true" a check should be enforced to check
the existence of the the <truststore .. /> element exists in secruity-realm's
<authentication>.
If the check on the configuration fails, the server should throw and error on bootup
rather than fail when client connections start to come in.
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)