[jboss-jira] [JBoss JIRA] Created: (JBMESSAGING-1127) Use SSL certificate for client authentication

[Brendan Sibre (JIRA)]

Use SSL certificate for client authentication
---------------------------------------------

                 Key: JBMESSAGING-1127
                 URL: http://jira.jboss.com/jira/browse/JBMESSAGING-1127
             Project: JBoss Messaging
          Issue Type: Feature Request
          Components: JMS Remoting, JMS Security
    Affects Versions: 1.4.0.GA
         Environment: JBAS 4.2.1 on Solaris 9 and 10, Sun JVM 1.5.0
            Reporter: Brendan Sibre
         Assigned To: Tim Fox


Clients connect to JBM using the sslbisocket connector.  They should be able to use a client certificate to authenticate them via my custom loginmodule (which has been tested and works with EJBs, Tomcat, etc).

Use the principal created by the SSL connection for the getConnection() so that I do not need to pass a username and password.  It seems that the callback handler used by the JBoss Messaging and the remoting SSLBisocket connector needs to be able to handle an X509Callback.  This probably means that
it will need to be a HandshakeCompletedListener on the remoting connector.

Ideally, this method of authentication would be configured with the connector and then JBoss Messaging would use a CallerIdentityLoginModule to
accept the Subject that already exists so that JBoss Messaging will continue to work with EJBs (JmsXA) etc.

Forum posts include links to other potentially related JIRA issues.  Hopefully JBoss Messaging can address this issue as it fits in the junction between
JBM and remoting.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira