[jboss-jira] [JBoss JIRA] (ELY-414) Allow the authentication in SecurityDomainTrustManager to be optional
Darran Lofthouse (JIRA)
issues at jboss.org
Thu Mar 10 10:29:00 EST 2016
[ https://issues.jboss.org/browse/ELY-414?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13174990#comment-13174990 ]
Darran Lofthouse commented on ELY-414:
--------------------------------------
In addition to this we also need to be able to control want and need client auth independently of the security domain.
> Allow the authentication in SecurityDomainTrustManager to be optional
> ---------------------------------------------------------------------
>
> Key: ELY-414
> URL: https://issues.jboss.org/browse/ELY-414
> Project: WildFly Elytron
> Issue Type: Task
> Components: SSL
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.1.0.Beta5
>
>
> Validating the certificate chain using the delegate trust manager must never be skipped but this change is to allow the authentication step to be flagged as optional.
> i.e. If for any reason the authentication fails silently allow it through so other authentication mechanisms can be tried.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list