[jboss-jira] [JBoss JIRA] Resolved: (SECURITY-558) BaseCertLoginModule should also work with a truststore
[
https://issues.jboss.org/browse/SECURITY-558?page=com.atlassian.jira.plug...
]
Marcus Moyses resolved SECURITY-558.
------------------------------------
Resolution: Done
LoginModule now looks for the certificate in the truststore first. If there is no
truststore configured in the JaasSecurityDomain, it falls back to using the keystore
instead.
BaseCertLoginModule should also work with a truststore
------------------------------------------------------
Key: SECURITY-558
URL: https://issues.jboss.org/browse/SECURITY-558
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Feature Request
Security Level: Public(Everyone can see)
Components: JBossSX
Affects Versions: JBossSecurity_2.0.4.SP6, PicketBox_v4_0_alpha2
Reporter: Marcus Moyses
Assignee: Marcus Moyses
Fix For: JBossSecurity_2.0.4.SP7, PicketBox_v4_0_alpha3
BaseCertLoginModule uses a JaasSecurityDomain to validate the certificates. Currently it
only uses the configured keystore for this. We need to allow the truststore to be checked
by default and fallback to the keystore if the truststore is not configured.
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira