[jboss-user] [Security & JAAS/JBoss] - SRPLonginModule and verifier store

jc7442 do-not-reply at jboss.com
Mon Aug 27 04:24:29 EDT 2007


I have a standalone application that uses EJB3 services provided by JBoss AS 4.2.0. To guarantee the confidentiality of authentication, I'm investigating the SRPLogin module.

In Jboss configuration guide, chapter 8, it is written
The org.jboss.security.srp SRPVerifierStoreService is an example MBean
  | service that binds an implementation of the SRPVerifierStore interface that uses a file of
  | serialized objects as the persistent store. Although not realistic for a production environment, it
  | does allow for testing of the SRP protocol and provides an example of the requirements for an
  | SRPVerifierStore service.

What may be more realistic for a production environment ?

Is there some implementation ?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4078244#4078244

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4078244



More information about the jboss-user mailing list