activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Strachan" <james.strac...@gmail.com>
Subject Re: Creating a secure connection system and using JMSXUserID support
Date Wed, 19 Jul 2006 14:13:52 GMT
How about to avoid breaking backwards compatibiility (or introducing a
new OpenWire version) just adding a new derivation of a ConnectionInfo
which could take additional fields like the certificate & token etc?

On 7/19/06, Hiram Chirino <hiram@hiramchirino.com> wrote:
> Hi Sepand!
>
> On 7/18/06, Sepand M <sepandm@gmail.com> wrote:
> >
> > Thanks for the info James.
> >
> > Please tell me what you think of the following:
> > I plan on having a new transport class that will do SSL client
> > certificate authentication and then override the ConnectionInfo
> > class's username field (we don't need a password) with the
> > distinguished name of the client.
>
>
>
> This sounds good.
>
> Now, that I think of it.  I think that would useful for the authorization
> layer to be able to access the whole cert that was provided that the
> transport layer.   Would it help if the ConnectionInfo class had an
> additional transient Object field that you could attach certificate info to?
>
> I could have the transport override every command's username with the
> > DN, but that's not needed if I use a UserIdBroker.
>
>
> That sounds good too.
>
> This should be ok, right?
> >
> > Thanks,
> > Sepand
> >
>
>
>
> --
> Regards,
> Hiram
>
> Blog: http://hiramchirino.com
>
>


-- 

James
-------
http://radio.weblogs.com/0112098/

Mime
View raw message