You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Timothee Maret (JIRA)" <ji...@apache.org> on 2016/06/03 12:29:59 UTC

[jira] [Created] (SLING-5760) Allow to support certificate based authentication in Distribution transport

Timothee Maret created SLING-5760:
-------------------------------------

             Summary: Allow to support certificate based authentication in Distribution transport
                 Key: SLING-5760
                 URL: https://issues.apache.org/jira/browse/SLING-5760
             Project: Sling
          Issue Type: Improvement
          Components: Distribution
    Affects Versions: Content Distribution Core 0.1.18
            Reporter: Timothee Maret
             Fix For: Content Distribution 0.2.0


Certificate based authentication is an alternative to the basic authentication currently available for Distribution transport. Certificate based authentication is done during the SSL handshake iff the target instance is configured to require or accept client client authentication. This client authentication scheme is a logical complement when connecting to endpoints serving over https. This result in authenticating both the source and the target using SSL.

The client certificate and private key are required to complete the SSL handshake. By default, the JRE will use the default {{KeyStore}} to retrieve those informations. However, in some platforms such as Adobe Granite, there is the ability to specify custom {{KeyStore}} based on user. For those platforms, the custom {{KeyStore}} can be provided with a {{javax.net.ssl.SSLContext}} which also contains a custom {{TrustStore}}.

This issue tracks allowing to leverage certificate based authentication using a custom {{javax.net.ssl.SSLContext}} in Distribution transport.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)