[jboss-jira] [JBoss JIRA] Created: (JBREM-1191) Support org.jboss.security.ssl.JaasSecurityDomainSocketFactory for SSL protocols when the client is a JBoss Application Server

Ben Schofield (JIRA) jira-events at lists.jboss.org
Fri Feb 26 17:54:10 EST 2010 

Support org.jboss.security.ssl.JaasSecurityDomainSocketFactory for SSL protocols when the client is a JBoss Application Server
------------------------------------------------------------------------------------------------------------------------------

                 Key: JBREM-1191
                 URL: https://jira.jboss.org/jira/browse/JBREM-1191
             Project: JBoss Remoting
          Issue Type: Feature Request
      Security Level: Public (Everyone can see)
          Components: security
    Affects Versions: 2.5.2.SP2 (Flounder)
         Environment: Server and Client are instances of JBoss EAP 5.x or above.
            Reporter: Ben Schofield


The JBoss Application Server uses JaasSecurityDomains for creating KeyManager and TrustManagers.  When one JBoss instance is making a call to another JBoss instance which uses remoting such as a remote EJB3 call, then JaasSecurityDomains could be used to load key and trust stores on the client when negotiation SSL.  The JBoss code base already defines a SSLSocketFactory to do this. (org.jboss.security.ssl.JaasSecurityDomainSocketFactory) 

The solution could be as simple as supporting something similar to Remoting.SOCKET_FACTORY_CLASS_NAME which instantiates a SocketFactory on the client side. A new flag Remoting.SSLSOCKET_FACTORY_CLASS_NAME could be used to instantiate a javax.net.ssl.SSLSocketFactory like org.jboss.security.ssl.JaasSecurityDomainSocketFactory.

Supporting this feature would free JBoss from having to share key and trust stores with enterprise applications that use the standard javax.net.ssl.* properties to locate and load their key and trust stores.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list