Hi Rob, On Wed, Feb 27, 2013 at 3:34 PM, Rob Godfrey <rob.j.godf...@gmail.com>wrote:
> > At first read that all sounds sensible - looking forward to seeing the > patch. > > Great ... as I mentioned in my answer to Alex, we have just a rough prototype right now ... we will need a bit more time to add all the parts around. > Could we perhaps just add an option to the authentication provider to > specify whether to use the CN or the DN as the username? This will > leave the choice to the operator of an individual broker instance so > they can choose to be compatible with the java Broker way of doing > things or the C++ broker way? > Yes, that might be an option as well. I remember there were situations when I hated that the CN / DN is being used directly as a username and I have no way to do some custom mapping - that is why I considered some kind of configurable translation/mapping table. Having just a switch saying whether to use DN or CN is of course a bit simpler and easier :-). Anyway, we will first finish the patch for the peer certificates it self before looking into this. Thanks & Regards JAkub