[jira] Commented: (HTTPCORE-55) Ability to Request for Client Authentication when using NIO SSL in server mode

Sat, 10 Mar 2007 09:19:30 -0800 

    [ 
https://issues.apache.org/jira/browse/HTTPCORE-55?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12479859
 ] 

Asankha C. Perera commented on HTTPCORE-55:
-------------------------------------------

Hi Oleg

I think I came across a small problem trying to access the SSLIOSession from my 
transport implementation to set the SSLIOSessionInitializationCallback. The 
SSLIOSession's are created in the connected() method of the IOEventDispatch 
implementations. So before the initialization takes place, there doesn't seem 
to be a way to set the callback..

I think the SSLIOSessionInitializationCallback interface could also introduce 
one more method to perform hostname verification once the handshake is 
complete, and this maybe a good time to include support for it too before 
4.0-alpha4 is finalized. I am attaching a patch that includes a minor change 
for this over the patch you have attached above. Could you see if this is 
possible to include?

thanks
asankha

> Ability to Request for Client Authentication when using NIO SSL in server mode
> ------------------------------------------------------------------------------
>
>                 Key: HTTPCORE-55
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-55
>             Project: HttpComponents Core
>          Issue Type: Bug
>          Components: HttpCore NIO
>            Reporter: Asankha C. Perera
>         Assigned To: Oleg Kalnichevski
>            Priority: Critical
>             Fix For: 4.0-alpha4
>
>         Attachments: niosslinit.patch
>
>
> It would be great if the SSLIOSession.initialize() could expect to know if 
> client authentication is wanted, required or not-wanted through a parameter 
> passed in, when operating in the server mode to configure the underlying 
> SSLEngine. 
> This maybe something like the Apache SSLClientAuth directive that could be 
> set into the HttpParams as none/required/optional, and passed in by the 
> SSLServerIOEventDispatch

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to