[infinispan-issues] [JBoss JIRA] (ISPN-4316) The client is tried for "SSL Peer Authentication" even though encryption's require-ssl-client-auth is set to false

Vijay Bhaskar Chintalapati (JIRA) issues at jboss.org
Thu May 22 18:22:56 EDT 2014


Vijay Bhaskar Chintalapati created ISPN-4316:
------------------------------------------------

             Summary: The client is tried for "SSL Peer Authentication" even though encryption's require-ssl-client-auth is set to false
                 Key: ISPN-4316
                 URL: https://issues.jboss.org/browse/ISPN-4316
             Project: Infinispan
          Issue Type: Bug
          Components: Security, Server
    Affects Versions: 7.0.0.Alpha4
            Reporter: Vijay Bhaskar Chintalapati
            Assignee: Tristan Tarrant


Consider the scenario:
- The client enables authentication through ConfigurationBuilder (i.e. cb.security().authentication())
- The server's SSL configuration doesn't require client authentication (i.e. require-ssl-client-auth="false"), and in addition the security-realm's <authentication .../> doesn't include a <truststore .../>

In such a scenario, the client is unable to authenticate, as the following exception is thrown in the server-side logs:

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated 

One-sided communication encryption (with the client storing the server's certificate in its trust store) should be supported, particularly when the client wants to authenticate via credentials.


