[jboss-jira] [JBoss JIRA] (ELY-697) Add client authentication method to authenticate a TLS peer using a security domain
David Lloyd (JIRA)
issues at jboss.org
Fri Oct 28 08:30:00 EDT 2016
David Lloyd created ELY-697:
-------------------------------
Summary: Add client authentication method to authenticate a TLS peer using a security domain
Key: ELY-697
URL: https://issues.jboss.org/browse/ELY-697
Project: WildFly Elytron
Issue Type: Enhancement
Components: Authentication Client
Reporter: David Lloyd
Priority: Minor
When a client connects to a remote peer, the authentication protocol in use may support true mutual authentication, where the remote peer (server) has to authenticate itself to the client. Specifically, in the TLS case the client may want to perform client-cert-style authentication with the server certificate, acquiring a SecurityIdentity in return.
The client authentication API should have a way to specify that TLS certificate authentication should happen against a specific security domain. It should provide a means to acquire the SecurityIdentity from the SSL session (the same way as a server does, if possible).
A server authenticating to a client does not require LoginPermission.
--
This message was sent by Atlassian JIRA
(v7.2.2#72004)
More information about the jboss-jira
mailing list