[jboss-jira] [JBoss JIRA] (ELY-373) General peer verification callback
David Lloyd (JIRA)
issues at jboss.org
Wed Nov 18 09:47:00 EST 2015
David Lloyd created ELY-373:
-------------------------------
Summary: General peer verification callback
Key: ELY-373
URL: https://issues.jboss.org/browse/ELY-373
Project: WildFly Elytron
Issue Type: Task
Components: Callbacks
Reporter: David Lloyd
Fix For: 1.1.0.Beta3
We need to generalize peer verification. Right now the peer verification callback ({{org.wildfly.security.auth.callback.VerifyPeerTrustedCallback}}) is specific to X.509 certificate chains, but other mechanisms might use different peer credentials for the verification.
An ideal API might use an optional Principal and an optional Credential. For Entity, a {{org.wildfly.security.credential.X509CertificateChainPublicCredential}} might be used for the Credential, and the Principal would be extracted from that. For key-based authentication, the principal could be the NamePrincipal of the host name and the credential would be a PublicKeyCredential.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list