[jboss-as7-dev] How hard would it be to support key based auth by default to make life simpler and more secure ?
Darran Lofthouse
darran.lofthouse at jboss.com
Mon Nov 14 04:54:43 EST 2011
On 11/13/2011 10:15 PM, Jason Greene wrote:
> We would have to do noauth + SSL + trust. I think it's an option worth considering. The big problem though is that we have to have a setup process to generate the certs, which is greater complexity than the user/pass option. We would have to generate a host key pair and a client key pair.
Yes that is planned to be supported - but as you say it brings it's own
level of complexity getting it set up in the first place.
More information about the jboss-as7-dev
mailing list