Posted to dev@tomcat.apache.org by Christopher Cain <cc...@mhsoftware.com> on 2001/08/12 09:08:13 UTC

SSL Prompter not implementable

I've hit kind of a brick wall plugging my SSL prompter into both containers. 
Interestingly enough, it's the same wall in both cases: I cannot get an event 
that fires early enough in the process.

Under TC4, the Listener is not called until after connector initialization, 
which calls the SSLSocketFactory initialization, which tries to access the 
keystore. It therefore bombs before my class is even called.

Basically the same story in 3.3. The existing callback, addInterceptor(), is 
called after initialization and will suffer the same problem. Even if I get a 
new callback for before initialization, I will still have to modify the 
connector itself in order to have it not step on my value.

At this point, we've definitely gone beyond the scope of a simple stopgap 
module for SSL. I don't want to start making changes to the connectors 
themselves just to suit SSL-prompting when a more comprehensive security 
solution is already on the table.

So my question is, can we start hashing out my "LitterBox" proposal now? If I 
can get a complete list of the external resource information that should be 
covered by this module (Keystores, JDBC Realms, etc.), I'll take a look at each 
mod and put together a detailed proposal on both the proposed solution as well 
as the scope of the necessary changes to existing stuff.

I haven't had much luck getting feedback on my ideas lately. If I go to the 
trouble to draft this all up and do it right, is anyone (especially any 
committers) going to have anything to say, or should I just code it all myself 
and then start submitting the code for comment?

- Christopher