Uploaded image for project: 'Application Server 3 4 5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-3755

Expose all SSL socket factory settings via properties or attributes for UIL2

XMLWordPrintable

    • Icon: Patch Patch
    • Resolution: Done
    • Icon: Major Major
    • None
    • JBossAS-4.0.4.GA
    • JMS (JBossMQ), Security
    • None

      Currently the ssl socket factories don't have any notion of picking up settings like the enabled cipher suites from system properties or the security domain in the case of the org.jboss.security.ssl.DomainSocketFactory. We should be able to set any JSSE SSLSocketFactory setting from these external values by injecting a fully configured socket factory:

      <mbean code="org.jboss.mq.il.uil2.UILServerILService"
      name="jboss.mq:service=InvocationLayer,type=SSLUIL2">
      ...
      <attribute name="ServerSocketFactoryBean">
      attributeClass="org.jboss.security.ssl.DomainServerSocketFactory"
      serialDataType="javaBean">
      <property name="bindAddress">${jboss.bind.address}</property>
      <property name="securityDomain">java:/jaas/rmi-ssl</property>
      <property name="wantsClientAuth">true</property>
      <property name="needsClientAuth">true</property>
      <property name="CiperSuites">TLS_DHE_DSS_WITH_AES_128_CBC_SHA</property>
      <property name="Protocols">SSLv2Hello,SSLv3,TLSv1</property>
      </attribute>
      </mbean>

        1. jbossmq.jar
          494 kB
        2. sslext-uil2-service.xml
          4 kB

            Unassigned Unassigned
            starksm64 Scott Stark (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: