-
1. Re: Client Cert EJB
starksm64 Feb 10, 2006 1:41 PM (in response to amdonov)You need to use the PooledInvoker enhancements in 4.0.4RC1 to have access to the client cert for security decisions in the ejb container.
SRP could be used to create a similar custom ssl type of arrangement as well. Since this is on top of the transport layer it can be integrated with any of the existing detached invokers. -
2. Re: Client Cert EJB
amdonov Apr 13, 2006 1:59 PM (in response to amdonov)I finally got approval from the client.
I checked out the PooledInvoker, and I think I will try that approach. Other than providing custom socket factories, do I need to do anything special for a server side login module to access the client cert as a credential?
What kind of configuration would be required on the client?
Will the ClientLoginModule still be necessary?
Thanks,
Aaron -
3. Re: Client Cert EJB
amdonov Apr 13, 2006 8:17 PM (in response to amdonov)I found the answer in a similar thread
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933179
Thanks.