geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick McGuire <rick...@gmail.com>
Subject Using the KeystoreManager for CORBA SSL support
Date Fri, 12 May 2006 14:13:00 GMT
I'm looking at implementing KeystoreManager support in the openejb CORBA 
TLS layer (see Jira GERONIMO-2002), and I'm having trouble deciding how 
best to do this.  The KeystoreManager GBean merely manages access to the 
keystores and the creating of SSLSocket factories for creating 
connections (and currently, it only supports SSLServerSockets, but it's 
a fairly trivial matter to add SSLSocketFactory support too).  In order 
to use the KeystoreManager to create a socket, the caller must provide a 
number of additional pieces of information, such as the truststore and 
keystore names, and the key alias.  For example, here's the 
configuration for the HTTPSConnector used to configure Jetty:

    <gbean name="JettySSLConnector" 
class="org.apache.geronimo.jetty.connector.HTTPSConnector">
        <attribute name="host">${PlanServerHostname}</attribute>
        <attribute name="port">${PlanHTTPSPort}</attribute>
        <attribute name="keyStore">geronimo-default</attribute>
        <attribute name="keyAlias">geronimo</attribute>
        <attribute name="trustStore">geronimo-default</attribute>
        <attribute name="clientAuthRequired">false</attribute>
        <attribute name="algorithm">Default</attribute>
        <attribute name="secureProtocol">TLS</attribute>
        <attribute name="maxThreads">150</attribute>
        <attribute name="minThreads">25</attribute>
        <reference name="JettyContainer">
            <name>JettyWebContainer</name>
        </reference>
        <reference name="KeystoreManager">
            <name>KeystoreManager</name>
        </reference>
    </gbean>

In this case, the keyStore, keyAlias, trustStore, algorithm, 
secureProtocol, and KeystoreManager values are all needed to create the 
SSLServerSocketFactory instance that will be used to create the SSL 
connection. 

Now, to enable this support for CORBA, the two beans that create the ORB 
instances (CORBABean and CSSBean) will need the same set of attributes 
(and those attributes will need to be propagated to a couple of other 
objects, which would start to get pretty messy).  Alternatively, it 
might make sense to have an SSLFactoryGBean, which is configured with 
all of the attributes above, and which has methods for creating an 
SSLSocket and a SSLServerSocket, and/or retrieving an appropriately 
configured socket factory.  This seems to me like a simpler 
implementation, allowing the two CORBA beans to just be initialized with 
the SSLFactoryGBean instance.  It might make sense to rework the 
HTTPSConnector too to use the same pattern.

So, which model should be used here:

1)  Current model employed with HTTPSConnector where all KeystoreManager 
users expose/manage all of the attributes necessary to create SSL 
connections using the KeystoreManager, or

2)  Have an SSLFactory GBean where the SSL characteristics are 
configured separately from the SSL consumer?

Rick


Mime
View raw message