activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hiram Chirino" <hi...@hiramchirino.com>
Subject Re: Creating a secure connection system and using JMSXUserID support
Date Wed, 19 Jul 2006 14:35:45 GMT
Adding a transient field to the ConnectionInfo would not cause a wireformat
change.

I'd rather keep it simple and do it in our current one.

On 7/19/06, James Strachan <james.strachan@gmail.com> wrote:
>
> How about to avoid breaking backwards compatibiility (or introducing a
> new OpenWire version) just adding a new derivation of a ConnectionInfo
> which could take additional fields like the certificate & token etc?
>
> On 7/19/06, Hiram Chirino <hiram@hiramchirino.com> wrote:
> > Hi Sepand!
> >
> > On 7/18/06, Sepand M <sepandm@gmail.com> wrote:
> > >
> > > Thanks for the info James.
> > >
> > > Please tell me what you think of the following:
> > > I plan on having a new transport class that will do SSL client
> > > certificate authentication and then override the ConnectionInfo
> > > class's username field (we don't need a password) with the
> > > distinguished name of the client.
> >
> >
> >
> > This sounds good.
> >
> > Now, that I think of it.  I think that would useful for the
> authorization
> > layer to be able to access the whole cert that was provided that the
> > transport layer.   Would it help if the ConnectionInfo class had an
> > additional transient Object field that you could attach certificate info
> to?
> >
> > I could have the transport override every command's username with the
> > > DN, but that's not needed if I use a UserIdBroker.
> >
> >
> > That sounds good too.
> >
> > This should be ok, right?
> > >
> > > Thanks,
> > > Sepand
> > >
> >
> >
> >
> > --
> > Regards,
> > Hiram
> >
> > Blog: http://hiramchirino.com
> >
> >
>
>
> --
>
> James
> -------
> http://radio.weblogs.com/0112098/
>



-- 
Regards,
Hiram

Blog: http://hiramchirino.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message