-
1. Re: authentication from transport layer (TLS, SSL)?
starksm64 Nov 24, 2004 1:42 PM (in response to matroskin)Don't know, you'll have to have some correlation between the client and server via a pair of socket factories.
-
2. Re: authentication from transport layer (TLS, SSL)?
starksm64 Nov 24, 2004 9:02 PM (in response to matroskin)Only tomcat has a proper notion of authentication based on the ssl certificate since is required by the servlet spec. You can do something similar for the ejb invokers, but you have to use a custom socket factory to get access to the ssl cert info. The authentication happens at the ssl level, and jboss is not involved with this, but if you want to use the client cert as credentials for authentication at the ejb container level then this has to be extracted from the transport layer and propagated to the to the container with the call invocation payload.
-
3. Re: authentication from transport layer (TLS, SSL)?
matroskin Nov 26, 2004 9:44 PM (in response to matroskin)There is one problem though. The socket with principal and credentials information is buried deep inside Sun RMI code. Any ideas how to get it from there?
-
4. Re: authentication from transport layer (TLS, SSL)?
starksm64 Nov 29, 2004 1:10 PM (in response to matroskin)You have to use a custom socket factory that generates the ssl socket so that you have access to the SSLContext.
-
5. Re: authentication from transport layer (TLS, SSL)?
matroskin Nov 29, 2004 2:26 PM (in response to matroskin)Custom socket factory would allow me to have access to SSLContext for all sockets that were created using this socket factory. That is true. The question is how to determine which one is being used by particular invocation?