[jboss-jira] [JBoss JIRA] Resolved: (SECURITY-558) BaseCertLoginModule should also work with a truststore
Marcus Moyses (JIRA)
jira-events at lists.jboss.org
Thu Jan 27 06:58:06 EST 2011
[ https://issues.jboss.org/browse/SECURITY-558?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Marcus Moyses resolved SECURITY-558.
------------------------------------
Resolution: Done
LoginModule now looks for the certificate in the truststore first. If there is no truststore configured in the JaasSecurityDomain, it falls back to using the keystore instead.
> BaseCertLoginModule should also work with a truststore
> ------------------------------------------------------
>
> Key: SECURITY-558
> URL: https://issues.jboss.org/browse/SECURITY-558
> Project: PicketBox (JBoss Security and Identity Management)
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: JBossSX
> Affects Versions: JBossSecurity_2.0.4.SP6, PicketBox_v4_0_alpha2
> Reporter: Marcus Moyses
> Assignee: Marcus Moyses
> Fix For: JBossSecurity_2.0.4.SP7, PicketBox_v4_0_alpha3
>
>
> BaseCertLoginModule uses a JaasSecurityDomain to validate the certificates. Currently it only uses the configured keystore for this. We need to allow the truststore to be checked by default and fallback to the keystore if the truststore is not configured.
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list