Return-Path: 
 <dev-return-33972-apmail-activemq-dev-archive=activemq.apache.org@activemq.apache.org>
X-Original-To: apmail-activemq-dev-archive@www.apache.org
Delivered-To: apmail-activemq-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 3A584D132
	for <apmail-activemq-dev-archive@www.apache.org>;
 Thu, 18 Oct 2012 05:48:16 +0000 (UTC)
Received: (qmail 66136 invoked by uid 500); 18 Oct 2012 05:48:16 -0000
Delivered-To: apmail-activemq-dev-archive@activemq.apache.org
Received: (qmail 65583 invoked by uid 500); 18 Oct 2012 05:48:10 -0000
Mailing-List: contact dev-help@activemq.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@activemq.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@activemq.apache.org>
List-Post: <mailto:dev@activemq.apache.org>
List-Id: <dev.activemq.apache.org>
Reply-To: dev@activemq.apache.org
Delivered-To: mailing list dev@activemq.apache.org
Received: (qmail 63813 invoked by uid 99); 18 Oct 2012 05:48:06 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Oct 2012 05:48:06 +0000
Date: Thu, 18 Oct 2012 05:48:06 +0000 (UTC)
From: "Lionel Cons (JIRA)" <jira@apache.org>
To: dev@activemq.apache.org
Message-ID: <62741841.62438.1350539286213.JavaMail.jiratomcat@arcas>
In-Reply-To: <123435144.5344.1346140327789.JavaMail.jiratomcat@arcas>
Subject: [jira] [Commented] (AMQ-3996) NIO + SSL: Client certificates are
 null
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/AMQ-3996?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13478701#comment-13478701 ] 

Lionel Cons commented on AMQ-3996:
----------------------------------

Tim, could you please be a bit more specific in what is needed in terms of configuration?

We use the jaasDualAuthenticationPlugin with two domains configured in login.config (one with SSL, the other one without) and this works fine with stomp+ssl.

Changing the connector to stomp+nio+ssl breaks the authentication (we get java.lang.SecurityException: User name [null] or password is invalid).

Do we need to add configuration bits that are specific to NIO?
                
> NIO + SSL: Client certificates are null
> ---------------------------------------
>
>                 Key: AMQ-3996
>                 URL: https://issues.apache.org/jira/browse/AMQ-3996
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.6.0, 5.7.0
>            Reporter: Francesco Romano
>            Assignee: Timothy Bish
>             Fix For: 5.8.0
>
>         Attachments: broker-jaas-ssl-nio.xml, nio+ssl.png, NIOSSLTransportWithJaasCertificateAuthBrokerTest.java, NIOSSLTransportWithJaasCertificateAuthBrokerTest.java, NIOSSLTransportWithJaasCertificateAuthBrokerTest.java, ssl.png
>
>
> If using protocol nio+ssl, the ConnectionInfo transportContext property does not contains peer certificates (which are present in the plain tcp ssl transport).
> The problem is that in the NIO transport, calling sslSession.getPeerCertificates() returns null.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira