]
Darran Lofthouse commented on ELY-755:
--------------------------------------
I don't know if it gets too complicated but maybe we don't go for my clean up pull
request and instead go for something where the AuthenticationContext falls back to the
AuthenticationConfiguration if the conrtext has no match.
Add ability for client-side SSL context configuration to include
authentication
-------------------------------------------------------------------------------
Key: ELY-755
URL:
https://issues.jboss.org/browse/ELY-755
Project: WildFly Elytron
Issue Type: Enhancement
Components: API / SPI, Authentication Client, Passwords, SSL, X.500
Reporter: David Lloyd
One thing that was lost in the switch to separate SSL context configuration was the
ability to perform client SSL authentication using certificates or other credentials
configured in the authentication client configuration.
There should be a configuration option to replace the key manager for the client SSL
context with one which uses the authentication configuration to retrieve, at minimum,
certificate credentials. Plus whatever is necessary to forward or set a GSSCredential for
Kerberos-based mechanisms.