[JBoss JIRA] (AS7-3331) JacORB SSL config parameters should use enumeration instead of values encoded in integers
7:23 a.m.
David Bosschaert created AS7-3331:
-------------------------------------
Summary: JacORB SSL config parameters should use enumeration instead of
values encoded in integers
Key: AS7-3331
URL: https://issues.jboss.org/browse/AS7-3331
Project: Application Server 7
Issue Type: Task
Components: IIOP, Server
Affects Versions: 7.1.0.CR1b
Reporter: David Bosschaert
Assignee: Stefan Guilhen
The JacORB SSL settings use a fairly cryptic way to express something that would be better
represented as a string with 4 allowed values.
From the description:
{noformat}client-supports: Value that
indicates the client SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
client-requires: Value that indicates the client SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-supports: Value that indicates the server SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-requires: Value that indicates the server SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:50 a.m.
[
https://issues.jboss.org/browse/AS7-3331?page=com.atlassian.jira.plugin.s...
]
Dimitris Andreadis commented on AS7-3331:
-----------------------------------------
AFAIR the values are essentially bits ORed together and used when negotiating the security
level. So either you need string descriptions that cover all usuable combinations, or
provide for a syntax that supports the OR operator (|).
So, if we just have those 2 bits that can be configured this would work: None,
EstablishTrustInTarget, EstablishTrustInClient, MutualAuth would work. I don't
remember if there are more bits to be configured/more combinations allowed, probably not.
JacORB SSL config parameters should use enumeration instead of values
encoded in integers
-----------------------------------------------------------------------------------------
Key: AS7-3331
URL: https://issues.jboss.org/browse/AS7-3331
Project: Application Server 7
Issue Type: Task
Components: IIOP, Server
Affects Versions: 7.1.0.CR1b
Reporter: David Bosschaert
Assignee: Stefan Guilhen
The JacORB SSL settings use a fairly cryptic way to express something that would be
better represented as a string with 4 allowed values.
From the description:
{noformat}client-supports: Value that indicates the client SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
client-requires: Value that indicates the client SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-supports: Value that indicates the server SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-requires: Value that indicates the server SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:49 a.m.
[
https://issues.jboss.org/browse/AS7-3331?page=com.atlassian.jira.plugin.s...
]
Brian Stansberry commented on AS7-3331:
---------------------------------------
Thanks Dimitris.
I think this is fundamentally a scheduling issue. Whatever we ship in 7.1.0.Final will be
what we use forever. If we change to using a list of strings or something, it needs to be
done and reflected in the console in time for 7.1. That is, really really soon.
AIUI, the way this would be done would be to convert these attributes to lists (xs:list in
the xml, ModelType.LIST in DMR). The elements in the DMR list would have a restricted set
of allowed values. The operations handlers for adding the resource or write-attribute
would do the bit manipulation.
A list is not particularly CLI friendly at the moment as we don't have great support
for list manipulation operations. So changing this will make things a bit harder for users
of 7.1.
Bottom line, I don't think this is going to make it in in time and if it won't, it
shouldn't be done later. And its not critical IMHO.
JacORB SSL config parameters should use enumeration instead of values
encoded in integers
-----------------------------------------------------------------------------------------
Key: AS7-3331
URL: https://issues.jboss.org/browse/AS7-3331
Project: Application Server 7
Issue Type: Task
Components: IIOP, Server
Affects Versions: 7.1.0.CR1b
Reporter: David Bosschaert
Assignee: Stefan Guilhen
The JacORB SSL settings use a fairly cryptic way to express something that would be
better represented as a string with 4 allowed values.
From the description:
{noformat}client-supports: Value that indicates the client SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
client-requires: Value that indicates the client SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-supports: Value that indicates the server SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-requires: Value that indicates the server SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:57 a.m.
[
https://issues.jboss.org/browse/AS7-3331?page=com.atlassian.jira.plugin.s...
]
Brian Stansberry updated AS7-3331:
----------------------------------
Fix Version/s: 7.1.0.Final
Scheduling for 7.1 so it either gets done or rejected by then. David, once you feel
it's too late for you, please reject so Stefan doesn't waste time on something
that won't get in.
JacORB SSL config parameters should use enumeration instead of values
encoded in integers
-----------------------------------------------------------------------------------------
Key: AS7-3331
URL: https://issues.jboss.org/browse/AS7-3331
Project: Application Server 7
Issue Type: Task
Components: IIOP, Server
Affects Versions: 7.1.0.CR1b
Reporter: David Bosschaert
Assignee: Stefan Guilhen
Fix For: 7.1.0.Final
The JacORB SSL settings use a fairly cryptic way to express something that would be
better represented as a string with 4 allowed values.
From the description:
{noformat}client-supports: Value that indicates the client SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
client-requires: Value that indicates the client SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-supports: Value that indicates the server SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-requires: Value that indicates the server SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:36 a.m.
[
https://issues.jboss.org/browse/AS7-3331?page=com.atlassian.jira.plugin.s...
]
David Bosschaert commented on AS7-3331:
---------------------------------------
It's starting to get close for this one. If it isn't in by Jan 25 EOB I don't
think I'll have time to update the console.
JacORB SSL config parameters should use enumeration instead of values
encoded in integers
-----------------------------------------------------------------------------------------
Key: AS7-3331
URL: https://issues.jboss.org/browse/AS7-3331
Project: Application Server 7
Issue Type: Task
Components: IIOP, Server
Affects Versions: 7.1.0.CR1b
Reporter: David Bosschaert
Assignee: Stefan Guilhen
Fix For: 7.1.0.Final
The JacORB SSL settings use a fairly cryptic way to express something that would be
better represented as a string with 4 allowed values.
From the description:
{noformat}client-supports: Value that indicates the client SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
client-requires: Value that indicates the client SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-supports: Value that indicates the server SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-requires: Value that indicates the server SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:02 p.m.
[
https://issues.jboss.org/browse/AS7-3331?page=com.atlassian.jira.plugin.s...
]
Stefan Guilhen commented on AS7-3331:
-------------------------------------
I'm about to send a pull request for this issue. I have done what Dimitris suggested,
so users will select None, ServerAuth, ClientAuth or MutualAuth instead of using 0, 20, 40
or 60 for that.
JacORB SSL config parameters should use enumeration instead of values
encoded in integers
-----------------------------------------------------------------------------------------
Key: AS7-3331
URL: https://issues.jboss.org/browse/AS7-3331
Project: Application Server 7
Issue Type: Task
Components: IIOP, Server
Affects Versions: 7.1.0.CR1b
Reporter: David Bosschaert
Assignee: Stefan Guilhen
Fix For: 7.1.0.Final
The JacORB SSL settings use a fairly cryptic way to express something that would be
better represented as a string with 4 allowed values.
From the description:
{noformat}client-supports: Value that indicates the client SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
client-requires: Value that indicates the client SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-supports: Value that indicates the server SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-requires: Value that indicates the server SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:12 a.m.
[
https://issues.jboss.org/browse/AS7-3331?page=com.atlassian.jira.plugin.s...
]
David Bosschaert commented on AS7-3331:
---------------------------------------
Implemented the console changes needed here:
https://github.com/bosschaert/as7-console/tree/as7-2748-13
JacORB SSL config parameters should use enumeration instead of values
encoded in integers
-----------------------------------------------------------------------------------------
Key: AS7-3331
URL: https://issues.jboss.org/browse/AS7-3331
Project: Application Server 7
Issue Type: Task
Components: IIOP, Server
Affects Versions: 7.1.0.CR1b
Reporter: David Bosschaert
Assignee: Stefan Guilhen
Fix For: 7.1.0.Final
The JacORB SSL settings use a fairly cryptic way to express something that would be
better represented as a string with 4 allowed values.
From the description:
{noformat}client-supports: Value that indicates the client SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
client-requires: Value that indicates the client SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-supports: Value that indicates the server SSL supported parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).
server-requires: Value that indicates the server SSL required parameters
(EstablishTrustInTarget=20,EstablishTrustInClient=40,MutualAuth=60).{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4675
days inactive
4683
days old
6 comments
4 participants
participants (4)
-
Brian Stansberry (JIRA) -
David Bosschaert (JIRA)
-
Dimitris Andreadis (JIRA)
-
Stefan Guilhen (JIRA)