[jboss-jira] [JBoss JIRA] (WFLY-3915) Dynamic configuration of outbound SSL connections
Darran Lofthouse (JIRA)
issues at jboss.org
Thu Sep 1 06:19:01 EDT 2016
[ https://issues.jboss.org/browse/WFLY-3915?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFLY-3915:
-----------------------------------
Component/s: Security
> Dynamic configuration of outbound SSL connections
> -------------------------------------------------
>
> Key: WFLY-3915
> URL: https://issues.jboss.org/browse/WFLY-3915
> Project: WildFly
> Issue Type: Feature Request
> Components: Security
> Reporter: James Livingston
> Assignee: Darran Lofthouse
>
> WebSphere has a feature called "Dynamic outbound SSL configuration" (http://www-01.ibm.com/support/knowledgecenter/SSCKBL_8.5.5/com.ibm.websphere.nd.multiplatform.doc/ae/usec_sslnewdynendconf.html), which allows the configuration of SSL parameters for connections which are not opened directly by the container.
> That can be useful for configuring the SSL usage of components such as resource adapters, JDBC drivers, and application-packaged web service libraries. For example the truststore/keystore could be configured different for all requests to the database host, so that the global javax.net.ssl settings to not need to be modified if the driver does not itself provide a way to configure it.
> I believe that it is implemented by using javax.net.ssl.SSLContext.setDefault() to replace the standard socket factory. The socket factory could then look at the passed hostname/port, and potentially the calling application to configure the SSL socket appropriately before returning it to the caller.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list