geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick McGuire (JIRA)" <...@geronimo.apache.org>
Subject [jira] Commented: (GERONIMO-2002) OpenEJB CORBA SSL should use Keystore GBean
Date Fri, 12 May 2006 09:09:08 GMT
    [ http://issues.apache.org/jira/browse/GERONIMO-2002?page=comments#action_12383183 ] 

Rick McGuire commented on GERONIMO-2002:
----------------------------------------

Is anybody working on this?  I'm willing to take a crack at it if not. 

I do have a couple of questions on how it should be implemented.  The socket factory used
to create the SSLSockets is instantiated by the ORB based on a property value, rather than
instantiated by the Geronimo configurator code.  This means that socket factory code needs
to call back into G. to somehow retrieve the KeyStore information.  What's the appropriate
mechanism to retrieve the Keystore GBean?  Is is safe to assume this is a singleton, or can
different ORB instances be configured to use different keystores?

> OpenEJB CORBA SSL should use Keystore GBean
> -------------------------------------------
>
>          Key: GERONIMO-2002
>          URL: http://issues.apache.org/jira/browse/GERONIMO-2002
>      Project: Geronimo
>         Type: Improvement
>     Security: public(Regular issues) 
>   Components: security, CORBA
>     Versions: 1.1
>     Reporter: Aaron Mulder
>      Fix For: 1.1

>
> OpenEJB initializes CORBA using a plain SSL socket factory and therefore only sees SSL
keystore/trust store settings configured as system properties.  We should change this to use
the KeystoreManager API instead.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message