[jira] [Updated] (IGNITE-9845) Web Console: Add support of two way ssl authentication in Web Console agent

Fri, 19 Oct 2018 01:51:38 -0700 


     [ 
https://issues.apache.org/jira/browse/IGNITE-9845?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrey Novikov updated IGNITE-9845:
-----------------------------------
    Description: 
RestExecutor should not be shared between different users requests in case of 
two way ssl authentication:
 * For each token with ssl we need create separated RestExecutor and set up 
socketFactory and trustManager.
 * RestExecutor should be removed if token expired.

Add program arguments for passing client certificate, client password, trust 
store, trust store password for ignite node connection and web console backend. 

Example on okhttp: 
[https://github.com/square/okhttp/blob/cd872fd83824512c128dcd80c04d445c8a2fc8eb/okhttp-tests/src/test/java/okhttp3/internal/tls/ClientAuthTest.java]

  was:
RestExecutor should not be shared between different users requests in case of 
two way ssl authentication:
 * For each token with ssl we need create separated RestExecutor and set up 
socketFactory and trustManager.
 * RestExecutor should be removed if token expired.

Add program arguments for passing client certificate, client password, trust 
store, trust store password for metrics collection task in agent.

 

Example on okhttp: 
https://github.com/square/okhttp/blob/cd872fd83824512c128dcd80c04d445c8a2fc8eb/okhttp-tests/src/test/java/okhttp3/internal/tls/ClientAuthTest.java


> Web Console: Add support of two way ssl authentication in Web Console agent
> ---------------------------------------------------------------------------
>
>                 Key: IGNITE-9845
>                 URL: https://issues.apache.org/jira/browse/IGNITE-9845
>             Project: Ignite
>          Issue Type: Improvement
>          Components: wizards
>    Affects Versions: 2.6
>            Reporter: Andrey Novikov
>            Assignee: Alexey Kuznetsov
>            Priority: Major
>             Fix For: 2.8
>
>
> RestExecutor should not be shared between different users requests in case of 
> two way ssl authentication:
>  * For each token with ssl we need create separated RestExecutor and set up 
> socketFactory and trustManager.
>  * RestExecutor should be removed if token expired.
> Add program arguments for passing client certificate, client password, trust 
> store, trust store password for ignite node connection and web console 
> backend. 
> Example on okhttp: 
> [https://github.com/square/okhttp/blob/cd872fd83824512c128dcd80c04d445c8a2fc8eb/okhttp-tests/src/test/java/okhttp3/internal/tls/ClientAuthTest.java]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to