0004052: Optional JSSE verify-client setting not implemented

Viewing Issue Advanced Details [ Jump to Notes ]

[ View Simple ] [ Issue History ] [ Print ]

Category

Severity

Reproducibility

Date Submitted

Last Update

0004052

[Resin]

feature

always

05-26-10 21:02

01-18-11 17:16

Reporter

adamknight

View Status

public

Assigned To

ferg

Priority

normal

Resolution

fixed

Platform

Status

closed

Projection

none

OS Version

ETA

none

Fixed in Version

4.0.15

Product Version

3.1.10

Product Build

Summary

0004052: Optional JSSE verify-client setting not implemented

Description

In the resin documentation it lists the verify-client setting for Open SSL based certificate authentication. A little experimentation lead me to discover that this setting worked for JSSE connections as well. Well, sort of works - required will require a certificate correctly, but Optional isn't implemented.

This would be easy to add - insert this snippet:


      if ("optional".equals(_verifyClient))
          sslServerSocket.setWantClientAuth(true);

on line 265 of com.caucho.vfs.JsseSSLFactory.java (just above the "required" section) and Resin will request certificates from the browser but will carry on if none is supplied.

Steps To Reproduce

Additional Information

Attached Files

Relationships

Notes
(0004613) adamknight 05-26-10 21:03	My licence # is 1011956

(0004964) ferg 01-18-11 17:11	network/0405

Issue History
Date Modified	Username	Field	Change
05-26-10 21:02	adamknight	New Issue
05-26-10 21:03	adamknight	Note Added: 0004613
01-18-11 17:11	ferg	Note Added: 0004964
01-18-11 17:11	ferg	Assigned To	=> ferg
01-18-11 17:11	ferg	Status	new => assigned
01-18-11 17:11	ferg	Resolution	open => fixed
01-18-11 17:11	ferg	Fixed in Version	=> 4.0.15
01-18-11 17:16	ferg	Status	assigned => closed

Mantis 1.0.0rc3[^]

31 total queries executed.
27 unique queries executed.