Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-373

General peer verification callback

    XMLWordPrintable

Details

    • Task
    • Resolution: Done
    • Major
    • 1.1.0.Beta2
    • None
    • Callbacks
    • None

    Description

      We need to generalize peer verification. Right now the peer verification callback (org.wildfly.security.auth.callback.VerifyPeerTrustedCallback) is specific to X.509 certificate chains, but other mechanisms might use different peer credentials for the verification.

      An ideal API might use an optional Principal and an optional Credential. For Entity, a org.wildfly.security.credential.X509CertificateChainPublicCredential might be used for the Credential, and the Principal would be extracted from that. For key-based authentication, the principal could be the NamePrincipal of the host name and the credential would be a PublicKeyCredential.

      Attachments

        Activity

          People

            dlloyd@redhat.com David Lloyd
            dlloyd@redhat.com David Lloyd
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: