1 Reply Latest reply on Oct 8, 2004 11:51 AM by Scott Stark

    multiple SRP sessions

    Jerrold Eads Newbie

      In my documentation it says that multiple SRP sessions have been available since 3.0.5? No where does it explain how to configure for multiple sessions? Can anyone point me to a document that describes how to setup and handle multiple SRP sessions?

      Boat Drinks

        • 1. Re: multiple SRP sessions
          Scott Stark Master

          From the online docs on the org.jboss.security.srp.jaas.SRPLoginModule. This module supports the following configuration options:

          * principalClassName: This option is no longer supported. The principal class is now always org.jboss.security.srp.jaas.SRPPrincipal.
          * srpServerJndiName: The JNDI name of the SRPServerInterface object to use for communicating with the SRP authentication server. If both srpServerJndiName and srpServerRmiUrl options are specified, the srpServerJndiName is tried before srpServerRmiUrl.
          * srpServerRmiUrl: The RMI protocol URL string for the location of the SRPServerInterface proxy to use for communicating with the SRP authentication server.
          * externalRandomA: A true/false flag indicating if the random component of the client public key A should come from the user callback. This can be used to input a strong cyrptographic random number coming from a hardware token for example.
          * hasAuxChallenge: A true/false flag indicating an that a string will be sent to the server as an additional challenge for the server to validate. If the client session supports an encryption cipher then a temporary cipher will be created using the session private key and the challenge object sent as a javax.crypto.SealedObject.
          * multipleSessions: a true/false flag indicating if a given client may have multiple SRP login sessions active simultaneously.