You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2007/01/30 12:45:19 UTC
DO NOT REPLY [Bug 41496] New: - set a security provider for jsse in a connector configuration in server.xml
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41496>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41496
Summary: set a security provider for jsse in a connector
configuration in server.xml
Product: Tomcat 5
Version: Unknown
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Connector:HTTP
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: arminha@student.ethz.ch
CC: hauser@acm.org
Currently one can not set a specific jsse implementation for an ssl connector.
The default jsse implementation is always used.
Indeed one can change the installed security providers in the
JAVA_HOME/lib/security/java.security file and so change the default jsse
implementation. But that will also have an effect on other connectors and other
java applications.
What I'd like to do:
1. set a security provider class in an attribute of the connector element in the
server.xml:
something like:
<Connector port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true";
clientAuth="false" sslProtocol="TLS"
jsseSecurityProviderClass="com.myssl.MyProvider"/>
2. if there is a security provider set as in 1. then
a) if the specified provider is already installed (for example statically in
$JAVA_HOME/lib/security/java.security):
- use the jsse implementation of that security provider for this connector
b) (this would be very nice) if the provider is not yet installed:
- dynamically install the provider and use the jsse implementation of this
security provider
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org