Uploaded image for project: 'JGroups'
  1. JGroups
  2. JGRP-2214

SSL_KEY_EXCHANGE: add hook to verify SSL session credentials

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Major Major
    • 4.0.6
    • 4.0.5
    • None

      In SSL_KEY_EXCHANGE, when an SSL session has been established, we're sure that the credentials of the server and client are OK.

      However, an additional check might be required, e.g. that the CN in the peer's certificate always matches a given pattern, or that the org always is "IBM" (for example).

      If this is not the case, terminate the SSL connection.

      Todo: add the fully qualified name of a class and an argument (e.g. the pattern). An instance of the class will be created and initialized with the pattern. When an SSL session has been created (connect() on the client, accept() on the server), the verify() method in the instance is called and it needs to throw a SecurityException if the session cannot be accepted.

              rhn-engineering-bban Bela Ban
              rhn-engineering-bban Bela Ban
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: