On Wed, Dec 3, 2008 at 1:41 PM, Martin Ritchie <[EMAIL PROTECTED]> wrote:
> From a brief look at the JMXRemote specification > (http://www.ece.uic.edu/~cpress/jmx/jmx_remote-1_0-fr-specJSR-000160.pdf) > my favoured approach would be to see what MX4J has to offer but we > should look do some form of protocol negotiation. So we can more > easily decide what authentication we wish to perform over the I feel quite strongly that whatever we choose to do is a) secure and b) transparent to the user. They shouldn't care about things like password file format on the broker, this is clearly insane. I would like to see a solution using SASL that allows/requires us to connect over SSL. SSL + either SASL/PLAIN or x509 certificate verification would be my ideal. - Aidan -- Apache Qpid - World Domination through Advanced Message Queueing http://cwiki.apache.org/qpid "Have we anything resembling a plan?" "Mm-hm. Ride till we find them... and kill them all." - The 13th Warrior
