[jboss-jira] [JBoss JIRA] Created: (JBAS-3755) Expose all SSL socket factory settings via properties or attributes for UIL2

[Scott M Stark (JIRA)]

Expose all SSL socket factory settings via properties or attributes for UIL2
----------------------------------------------------------------------------

                 Key: JBAS-3755
                 URL: http://jira.jboss.com/jira/browse/JBAS-3755
             Project: JBoss Application Server
          Issue Type: Support Patch
      Security Level: Public (Everyone can see)
          Components: JMS service, Security
    Affects Versions: JBossAS-4.0.4.GA
            Reporter: Scott M Stark
         Assigned To: Adrian Brock


Currently the ssl socket factories don't have any notion of picking up settings like the enabled cipher suites from system properties or the security domain in the case of the org.jboss.security.ssl.DomainSocketFactory. We should be able to set any JSSE SSLSocketFactory setting from these external values by injecting a fully configured socket factory:

  <mbean code="org.jboss.mq.il.uil2.UILServerILService"
	 name="jboss.mq:service=InvocationLayer,type=SSLUIL2">
...
    <attribute name="ServerSocketFactoryBean">
         attributeClass="org.jboss.security.ssl.DomainServerSocketFactory"
         serialDataType="javaBean">
        <property name="bindAddress">${jboss.bind.address}</property>
        <property name="securityDomain">java:/jaas/rmi-ssl</property>
        <property name="wantsClientAuth">true</property>
        <property name="needsClientAuth">true</property>
         <property name="CiperSuites">TLS_DHE_DSS_WITH_AES_128_CBC_SHA</property>
         <property name="Protocols">SSLv2Hello,SSLv3,TLSv1</property>
      </attribute>
   </mbean>


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira