You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2007/01/30 12:45:19 UTC

DO NOT REPLY [Bug 41496] New: - set a security provider for jsse in a connector configuration in server.xml

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41496>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41496

           Summary: set a security provider for jsse in a connector
                    configuration in server.xml
           Product: Tomcat 5
           Version: Unknown
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Connector:HTTP
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: arminha@student.ethz.ch
                CC: hauser@acm.org


Currently one can not set a specific jsse implementation for an ssl connector.
The default jsse implementation is always used.
Indeed one can change the installed security providers in the
JAVA_HOME/lib/security/java.security file and so change the default jsse
implementation. But that will also have an effect on other connectors and other
java applications.

What I'd like to do:
1. set a security provider class in an attribute of the connector element in the
server.xml:
something like:
<Connector port="8443" minProcessors="5" maxProcessors="75"
           enableLookups="true" disableUploadTimeout="true"
           acceptCount="100" debug="0" scheme="https" secure="true";
           clientAuth="false" sslProtocol="TLS"
           jsseSecurityProviderClass="com.myssl.MyProvider"/>

2. if there is a security provider set as in 1. then
  a) if the specified provider is already installed (for example statically in
$JAVA_HOME/lib/security/java.security):
   - use the jsse implementation of that security provider for this connector
  b) (this would be very nice) if the provider is not yet installed:
   - dynamically install the provider and use the jsse implementation of this
security provider

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org