[jboss-jira] [JBoss JIRA] Commented: (JBREM-581) can not do connection validation with ssl transport (only impacts detection)

Tom Elrod (JIRA) jira-events at jboss.com
Tue Aug 15 15:32:25 EDT 2006 

    [ http://jira.jboss.com/jira/browse/JBREM-581?page=comments#action_12341277 ] 
            
Tom  Elrod commented on JBREM-581:
----------------------------------

"Suppose I have an app for Kramerica Industries running in the kramerica domain (sparky, lucy, and pippin, say), and a client on pippin is looking for servers on sparky and lucy.  If the servers use SSL transports, then the client would need a truststore to connect to the servers, so why couldn't the detector on pippin be supplied with the same truststore?  In other words, if you have a sort of  "closed" system where you know the components, wouldn't this work?  I can imagine a more open SOA sort of public system where a client is looking for any suitable server to connect to, where you don't know all the components, but in that case I imagine the certificates would be signed by some public authority."

> can not do connection validation with ssl transport (only impacts detection)
> ----------------------------------------------------------------------------
>
>                 Key: JBREM-581
>                 URL: http://jira.jboss.com/jira/browse/JBREM-581
>             Project: JBoss Remoting
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: detection
>    Affects Versions: 2.0.0.CR1 (Boon)
>            Reporter: Tom  Elrod
>         Assigned To: Tom  Elrod
>             Fix For: 2.2.0.Beta1 (Bluto)
>
>
> When a detector gets the detection message from a server, the detection message does not include (nor should it), the ssl info needed to make the ping invocation on that server to verify it is indeed dead.  Per JBREM-580, will currently just avoid making ping invocation if transport supports ssl.  This means that never does the ping invocation to ensure that the server is really down (and not just lack of getting detection message update), but instead will just consider it dead if detection message is stale.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list