Menu
▾
▴
Re: [Openjmx-devel] RMI Adaptor client authentication
|
From: Carlos Q. <car...@we...> - 2002-02-11 09:28:37
|
On Monday 11 February 2002 01:12, Bordet, Simone wrote: > Hi all, Hi > > so I'm done with the JRMP over SSL adaptor, it works, I will commit it > soon. > > The last bit to be cleared is client authentication. > > The HTTP adaptor support basic authentication (Carlos, some other that I > don't know of - digest, etc ?), meaning that a user must login before > getting something on the browser. Only basic is implemented. I found digest unecessary since SSL is available, it can be easily implmented if required > > One can think that the same should be required for the RMI adaptor as well, > but there is no standard here like there is for HTTP. So it must be done > via API, for example via an RMIConnector.login() method. But here it opens > up a wide hole, since I may want to pass in user name and password, a X509 > certificate, and so on. Furthermore it should be done with JAAS. What about a login(username, password) RMI method, that will go with SSL and will be therfore protected. However, I think the best bet is to use client authentication with certificates since that should be transparent and handled at the SSL Factory level Do you want to use JAAS to implement MBeanServer wide authentication, that every adaptor will use? > > Any idea or comments ? > > We can also go with 1.0 without it, and do it for OpenJMX 1.1 > > Simon > > _______________________________________________ > Openjmx-devel mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openjmx-devel |
