On Apr 21, 2008, at 10:55 AM, Kazem Naderi wrote:
Hello,
I have done some work on ejbd ssl support:
http://issues.apache.org/jira/browse/OPENEJB-785
<http://issues.apache.org/jira/browse/OPENEJB-785>
I have attached my implementation to the Jira issue above. I
appraciate
your feedback. The changes are not currently checked into the openejb
codebase. I am hoping to have this finalized ASAP so we can get the
SSL
support for the next release.
This looks really great, Kazem!
I've boiled the patch down to it's essentials and uploaded a new
version here: https://issues.apache.org/jira/secure/attachment/12381069/simplified-ssl.txt
. I would have checked it in but the write access to the Apache SVN
is shut off at the moment due to system issues.
I did add a different flag on the client side. Basically if you
construct your InitiaContext with the "ejbds://" prefix, then we'll
automatically use the SSL socket to connect.
From here I think we can also add two more protocol config files, an
"ejbds.properties" with SSL already turned on and another for
"https.properties" for doing EJB calls over HTTPS. I haven't actually
tested that EJB over HTTPS works with what we have in that patch, but
it should. We can also add some end to end test cases in the openejb-
ejbd and openejb-http packages that do actual EJB invocations over SSL.
Do you have any thoughts on possibly making the enabled cipher suites
more configurable? I'm not sure if this something people are going to
want. What do you think?
-David
