shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Les Hazlewood <lhazlew...@apache.org>
Subject Re: X509Certificate support
Date Tue, 29 Jun 2010 22:05:07 GMT
Circling back to this - is there a way to have an X.509 realm that
does not require BouncyCastle?  I haven't looked at the patch yet
myself to verify this (I'll check it out sometime this week if I have
time).  I'm not necessarily against having a new 3rd party module for
bouncycastle if the community feels this is needed, but my personal
preference is to avoid that if there is a reasonably clean way of
supporting X.509 without it.

Les

On Sat, Jun 12, 2010 at 10:24 AM, Paul Merlin <eskatos@n0pe.org> wrote:
> Le samedi 12 juin 2010 19:00:05, Brian Demers a écrit :
>> The public key realm we have is tailored for Apache Mina SSHD,  it is
>> pretty basic,just compares 2 public keys (and provides an interface for
>> the storage of the public keys)  With no other dependencies
>
> Oh ok, so the pubkeys comparison is not so strange in the ssh case.
>
> Indeed asymetric cryptography has a lot of use cases, I only had
> X509Certificates in my mind, especially their usage on mutually authenticated
> TLS connections.
>
> Could we focus on the SHIRO-24 issue in this thread ? Maybe create a new one for
> discussing different asym-crypto use cases with Shiro.
>
> /Paul
>
>

Mime
View raw message