]
Adrian Brock resolved JBAS-3755.
--------------------------------
Resolution: Done
Assignee: Scott M Stark (was: JBN Patch Team)
Expose all SSL socket factory settings via properties or attributes
for UIL2
----------------------------------------------------------------------------
Key: JBAS-3755
URL:
http://jira.jboss.com/jira/browse/JBAS-3755
Project: JBoss Application Server
Issue Type: Support Patch
Security Level: Public(Everyone can see)
Components: JMS service, Security
Affects Versions: JBossAS-4.0.4.GA
Reporter: Scott M Stark
Assigned To: Scott M Stark
Attachments: jbossmq.jar, sslext-uil2-service.xml
Currently the ssl socket factories don't have any notion of picking up settings like
the enabled cipher suites from system properties or the security domain in the case of the
org.jboss.security.ssl.DomainSocketFactory. We should be able to set any JSSE
SSLSocketFactory setting from these external values by injecting a fully configured socket
factory:
<mbean code="org.jboss.mq.il.uil2.UILServerILService"
name="jboss.mq:service=InvocationLayer,type=SSLUIL2">
...
<attribute name="ServerSocketFactoryBean">
attributeClass="org.jboss.security.ssl.DomainServerSocketFactory"
serialDataType="javaBean">
<property
name="bindAddress">${jboss.bind.address}</property>
<property
name="securityDomain">java:/jaas/rmi-ssl</property>
<property name="wantsClientAuth">true</property>
<property name="needsClientAuth">true</property>
<property
name="CiperSuites">TLS_DHE_DSS_WITH_AES_128_CBC_SHA</property>
<property
name="Protocols">SSLv2Hello,SSLv3,TLSv1</property>
</attribute>
</mbean>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: