DO NOT REPLY [Bug 37138] New: - Allow to specify a security provider (priority list) per connector (e.g. to allow to use multiple USB-HSM tokens - one per connector)

[bu...@apache.org]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=37138>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37138

           Summary: Allow to specify a security provider (priority list) per
                    connector (e.g. to allow to use multiple USB-HSM tokens
                    - one per connector)
           Product: Tomcat 5
           Version: 5.5.9
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Connector:Coyote
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: hauser@acm.org


With the arrival of PCKS11 Security Provider by Sun, it appears that HSM devices
are supposedly managed by means of implementations of java.security.provider.
Modern linux machines often have multiple (USB-)ports, so it is easy connect
multiple HSMs to it.
Therefore, it would be great to be able to use one tomcat connector for an https
webapp with one HSM and another HSM for e.g. an axis service on top of https in
a further connector with a different tcp-port at the same time.

For more on this, see
http://www.infsec.ethz.ch/education/projects/PoorManHSM051013.doc

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org