Support org.jboss.security.ssl.JaasSecurityDomainSocketFactory for SSL protocols when the client is a JBoss Application Server ------------------------------------------------------------------------------------------------------------------------------ Key: JBREM-1191 URL: https://jira.jboss.org/jira/browse/JBREM-1191 Project: JBoss Remoting Issue Type: Feature Request Security Level: Public (Everyone can see) Components: security Affects Versions: 2.5.2.SP2 (Flounder) Environment: Server and Client are instances of JBoss EAP 5.x or above. Reporter: Ben Schofield The JBoss Application Server uses JaasSecurityDomains for creating KeyManager and TrustManagers. When one JBoss instance is making a call to another JBoss instance which uses remoting such as a remote EJB3 call, then JaasSecurityDomains could be used to load key and trust stores on the client when negotiation SSL. The JBoss code base already defines a SSLSocketFactory to do this. (org.jboss.security.ssl.JaasSecurityDomainSocketFactory) The solution could be as simple as supporting something similar to Remoting.SOCKET_FACTORY_CLASS_NAME which instantiates a SocketFactory on the client side. A new flag Remoting.SSLSOCKET_FACTORY_CLASS_NAME could be used to instantiate a javax.net.ssl.SSLSocketFactory like org.jboss.security.ssl.JaasSecurityDomainSocketFactory. Supporting this feature would free JBoss from having to share key and trust stores with enterprise applications that use the standard javax.net.ssl.* properties to locate and load their key and trust stores. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira