0 Replies Latest reply on Aug 27, 2007 4:24 AM by J-C jc

    SRPLonginModule and verifier store

    J-C jc Apprentice

      I have a standalone application that uses EJB3 services provided by JBoss AS 4.2.0. To guarantee the confidentiality of authentication, I'm investigating the SRPLogin module.

      In Jboss configuration guide, chapter 8, it is written

      The org.jboss.security.srp SRPVerifierStoreService is an example MBean
      service that binds an implementation of the SRPVerifierStore interface that uses a file of
      serialized objects as the persistent store. Although not realistic for a production environment, it
      does allow for testing of the SRP protocol and provides an example of the requirements for an
      SRPVerifierStore service.

      What may be more realistic for a production environment ?

      Is there some implementation ?