Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 32135 invoked from network); 12 May 2006 09:09:33 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 12 May 2006 09:09:33 -0000 Received: (qmail 26178 invoked by uid 500); 12 May 2006 09:09:31 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 26136 invoked by uid 500); 12 May 2006 09:09:30 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 26125 invoked by uid 99); 12 May 2006 09:09:30 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 12 May 2006 02:09:30 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [209.237.227.198] (HELO brutus.apache.org) (209.237.227.198) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 12 May 2006 02:09:29 -0700 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id BBF93714293 for ; Fri, 12 May 2006 09:09:08 +0000 (GMT) Message-ID: <18633207.1147424948732.JavaMail.root@brutus> Date: Fri, 12 May 2006 09:09:08 +0000 (GMT+00:00) From: "Rick McGuire (JIRA)" To: dev@geronimo.apache.org Subject: [jira] Commented: (GERONIMO-2002) OpenEJB CORBA SSL should use Keystore GBean In-Reply-To: <15881193.1147229704411.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N [ http://issues.apache.org/jira/browse/GERONIMO-2002?page=comments#action_12383183 ] Rick McGuire commented on GERONIMO-2002: ---------------------------------------- Is anybody working on this? I'm willing to take a crack at it if not. I do have a couple of questions on how it should be implemented. The socket factory used to create the SSLSockets is instantiated by the ORB based on a property value, rather than instantiated by the Geronimo configurator code. This means that socket factory code needs to call back into G. to somehow retrieve the KeyStore information. What's the appropriate mechanism to retrieve the Keystore GBean? Is is safe to assume this is a singleton, or can different ORB instances be configured to use different keystores? > OpenEJB CORBA SSL should use Keystore GBean > ------------------------------------------- > > Key: GERONIMO-2002 > URL: http://issues.apache.org/jira/browse/GERONIMO-2002 > Project: Geronimo > Type: Improvement > Security: public(Regular issues) > Components: security, CORBA > Versions: 1.1 > Reporter: Aaron Mulder > Fix For: 1.1 > > OpenEJB initializes CORBA using a plain SSL socket factory and therefore only sees SSL keystore/trust store settings configured as system properties. We should change this to use the KeystoreManager API instead. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira