[jboss-jira] [JBoss JIRA] (ELY-697) Add client authentication method to authenticate a TLS peer using a security domain
David Lloyd (JIRA)
issues at jboss.org
Tue Nov 1 07:52:00 EDT 2016
[ https://issues.jboss.org/browse/ELY-697?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Lloyd resolved ELY-697.
-----------------------------
Assignee: David Lloyd
Resolution: Out of Date
This is now done via the SSL context builder and does not directly involve the authentication client anymore.
> Add client authentication method to authenticate a TLS peer using a security domain
> -----------------------------------------------------------------------------------
>
> Key: ELY-697
> URL: https://issues.jboss.org/browse/ELY-697
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Authentication Client
> Reporter: David Lloyd
> Assignee: David Lloyd
> Priority: Minor
>
> When a client connects to a remote peer, the authentication protocol in use may support true mutual authentication, where the remote peer (server) has to authenticate itself to the client. Specifically, in the TLS case the client may want to perform client-cert-style authentication with the server certificate, acquiring a SecurityIdentity in return.
> The client authentication API should have a way to specify that TLS certificate authentication should happen against a specific security domain. It should provide a means to acquire the SecurityIdentity from the SSL session (the same way as a server does, if possible).
> A server authenticating to a client does not require LoginPermission.
--
This message was sent by Atlassian JIRA
(v7.2.2#72004)
More information about the jboss-jira
mailing list