Timothee Maret created SLING-5760:
-------------------------------------
Summary: Allow to support certificate based authentication in
Distribution transport
Key: SLING-5760
URL: https://issues.apache.org/jira/browse/SLING-5760
Project: Sling
Issue Type: Improvement
Components: Distribution
Affects Versions: Content Distribution Core 0.1.18
Reporter: Timothee Maret
Fix For: Content Distribution 0.2.0
Certificate based authentication is an alternative to the basic authentication
currently available for Distribution transport. Certificate based
authentication is done during the SSL handshake iff the target instance is
configured to require or accept client client authentication. This client
authentication scheme is a logical complement when connecting to endpoints
serving over https. This result in authenticating both the source and the
target using SSL.
The client certificate and private key are required to complete the SSL
handshake. By default, the JRE will use the default {{KeyStore}} to retrieve
those informations. However, in some platforms such as Adobe Granite, there is
the ability to specify custom {{KeyStore}} based on user. For those platforms,
the custom {{KeyStore}} can be provided with a {{javax.net.ssl.SSLContext}}
which also contains a custom {{TrustStore}}.
This issue tracks allowing to leverage certificate based authentication using a
custom {{javax.net.ssl.SSLContext}} in Distribution transport.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
