Uploaded image for project: 'JBoss A-MQ'
  1. JBoss A-MQ
  2. ENTMQ-1154

Authentication based on SSL certificate fails for secure WebSockets transport wss://

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • JBoss A-MQ 6.3
    • JBoss A-MQ 6.2
    • broker, stomp
    • None

      If the broker is configured for secure Web Sockets| <transportConnectorname="wss"uri="wss://0.0.0.0:61618?transport.needClientAuth=true"/>|

      and also uses either of the two JAAS plugins| <plugins>|

      <jaasCertificateAuthenticationPluginconfiguration="..."/>
      <jaasDualAuthenticationPluginconfiguration="..."sslConfiguration="..."/>
      </plugins>

      Then authentication will*always*fail based on the client's SSL certificate.
      Depending on the JAAS plugin used, authentication either fails with| java.lang.SecurityException: Unable to authenticate transport without SSL certificate.|

      in case of using <jaasCertificateAuthenticationPlugin> or| User name [null] or password is invalid.|

      in case of using <jaasDualAuthenticationPlugin>

            dejanbosanac Dejan Bosanac
            rhn-support-tmielke Torsten Mielke
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: