Hi Ron,
I think I wrote the EncryptingMarshaller/Unmarshaller in remoting for
the reason to allow the flexibility to the user to define simpler
security transport rather than complex SSL setup. It does not provide as
much security as SSL but better than simple plain transmission.
The Marshallers do provide the flexibility. There is Scott's SRP based
socket factories/implementation that probably needs to be integrated
into remoting.
We have to get SASL/GSS mechanism integrated in the long run. I will
get back after sometime.
Regards,
Anil
Ron Sigal wrote:
Hi Anil,
Thanks for noticing :-)
Anil Saldhana wrote:
> Ron,
> Most of it may already be present.
>
> Here is what I am thinking:
> a) Pluggable mechanism to do authentication at either ends of the
> pipes (SASL)
If you have any specific ideas, could you create a JIRA issue?
Otherwise, I will.
> b) Pluggable ways to secure the payload that passes through the pipes.
As you know, having written them, we have
EncryptingMarshaller/EncryptingUnMarshaller, and the chained
marshaller/unmarshaller facility should allow increased flexibility.
Do you have anything else in mind?
Thanks,
Ron
>
> Regards,
> Anil
>
> Ron Sigal wrote:
>> There have been various attempts to get some discussion going about
>> the features desired for the next generation of Remoting, and so far
>> I think the buzz has broken the -80 db level. I'm trying again with
>> the wiki page at
>>
http://wiki.jboss.org/wiki/Wiki.jsp?page=TowardsGreaterSymmetryInRemoting.
>> We in the Remoting group (i.e., me in the Remoting group) would like
>> to hear from the Remoting stakeholders about what features would
>> make Remoting more usable for you. Of course, I could just go ahead
>> and write fun stuff. :-)
>>
>> -Ron