You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Polar Humenn (JIRA)" <ji...@apache.org> on 2007/02/25 22:31:05 UTC
[jira] Created: (CXF-438) Trust Decider Callback for Conduit
Trust Decider Callback for Conduit
----------------------------------
Key: CXF-438
URL: https://issues.apache.org/jira/browse/CXF-438
Project: CXF
Issue Type: New Feature
Components: Core, Transports
Reporter: Polar Humenn
A callback is needed on Conduits that may extract certain information from their underlying protocol implementations that will allow a trust decision to be made. For instance, an HTTP Conduit, once connected should call back with the local bind address, local port, ip address and port of the peer. For a conduit using TLS underneath HTTPS, should also present selected cipher suite and peer certificates as well as selected local certificates, most likely the JSSE SSLSession.
The callback should throw an appropriate security exception should trust not be established, and that exception shall propagate up to the application.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (CXF-438) Trust Decider Callback for Conduit
Posted by "Bozhong Lin (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bozhong Lin closed CXF-438.
---------------------------
Resolution: Fixed
Fix Version/s: 2.0-RC
> Trust Decider Callback for Conduit
> ----------------------------------
>
> Key: CXF-438
> URL: https://issues.apache.org/jira/browse/CXF-438
> Project: CXF
> Issue Type: New Feature
> Components: Core, Transports
> Reporter: Polar Humenn
> Fix For: 2.0-RC
>
> Attachments: CXF-HttpBATD.patch, Polar-CXF-438.patch
>
>
> A callback is needed on Conduits that may extract certain information from their underlying protocol implementations that will allow a trust decision to be made. For instance, an HTTP Conduit, once connected should call back with the local bind address, local port, ip address and port of the peer. For a conduit using TLS underneath HTTPS, should also present selected cipher suite and peer certificates as well as selected local certificates, most likely the JSSE SSLSession.
> The callback should throw an appropriate security exception should trust not be established, and that exception shall propagate up to the application.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CXF-438) Trust Decider Callback for Conduit
Posted by "Bozhong Lin (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12491559 ]
Bozhong Lin commented on CXF-438:
---------------------------------
patch applied by Eoghan, with revision 529583
> Trust Decider Callback for Conduit
> ----------------------------------
>
> Key: CXF-438
> URL: https://issues.apache.org/jira/browse/CXF-438
> Project: CXF
> Issue Type: New Feature
> Components: Core, Transports
> Reporter: Polar Humenn
> Attachments: CXF-HttpBATD.patch, Polar-CXF-438.patch
>
>
> A callback is needed on Conduits that may extract certain information from their underlying protocol implementations that will allow a trust decision to be made. For instance, an HTTP Conduit, once connected should call back with the local bind address, local port, ip address and port of the peer. For a conduit using TLS underneath HTTPS, should also present selected cipher suite and peer certificates as well as selected local certificates, most likely the JSSE SSLSession.
> The callback should throw an appropriate security exception should trust not be established, and that exception shall propagate up to the application.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (CXF-438) Trust Decider Callback for Conduit
Posted by "Polar Humenn (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Polar Humenn updated CXF-438:
-----------------------------
Attachment: CXF-HttpBATD.patch
This patch handles Trust Deciders to the HTTP Conduit implementation also takes care of CXF-430 and most related JIRAs related to Basic Auth.
> Trust Decider Callback for Conduit
> ----------------------------------
>
> Key: CXF-438
> URL: https://issues.apache.org/jira/browse/CXF-438
> Project: CXF
> Issue Type: New Feature
> Components: Core, Transports
> Reporter: Polar Humenn
> Attachments: CXF-HttpBATD.patch, Polar-CXF-438.patch
>
>
> A callback is needed on Conduits that may extract certain information from their underlying protocol implementations that will allow a trust decision to be made. For instance, an HTTP Conduit, once connected should call back with the local bind address, local port, ip address and port of the peer. For a conduit using TLS underneath HTTPS, should also present selected cipher suite and peer certificates as well as selected local certificates, most likely the JSSE SSLSession.
> The callback should throw an appropriate security exception should trust not be established, and that exception shall propagate up to the application.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CXF-438) Trust Decider Callback for Conduit
Posted by "Polar Humenn (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12488498 ]
Polar Humenn commented on CXF-438:
----------------------------------
The latest patch must be applied with "svn-apply" from Apple Webkit, as they have Base64 encoded binary files (keystores). If they don't add, there is a script called genkeys.sh in the src/main/resources directory that will generate them.
> Trust Decider Callback for Conduit
> ----------------------------------
>
> Key: CXF-438
> URL: https://issues.apache.org/jira/browse/CXF-438
> Project: CXF
> Issue Type: New Feature
> Components: Core, Transports
> Reporter: Polar Humenn
> Attachments: CXF-HttpBATD.patch, Polar-CXF-438.patch
>
>
> A callback is needed on Conduits that may extract certain information from their underlying protocol implementations that will allow a trust decision to be made. For instance, an HTTP Conduit, once connected should call back with the local bind address, local port, ip address and port of the peer. For a conduit using TLS underneath HTTPS, should also present selected cipher suite and peer certificates as well as selected local certificates, most likely the JSSE SSLSession.
> The callback should throw an appropriate security exception should trust not be established, and that exception shall propagate up to the application.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (CXF-438) Trust Decider Callback for Conduit
Posted by "Polar Humenn (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Polar Humenn updated CXF-438:
-----------------------------
Attachment: Polar-CXF-438.patch
Patch Submitted on Revision 519995.
This patch installs a TrustDecider into the http conduit and also comments quite a bit of the HTTP implementation.
> Trust Decider Callback for Conduit
> ----------------------------------
>
> Key: CXF-438
> URL: https://issues.apache.org/jira/browse/CXF-438
> Project: CXF
> Issue Type: New Feature
> Components: Core, Transports
> Reporter: Polar Humenn
> Attachments: Polar-CXF-438.patch
>
>
> A callback is needed on Conduits that may extract certain information from their underlying protocol implementations that will allow a trust decision to be made. For instance, an HTTP Conduit, once connected should call back with the local bind address, local port, ip address and port of the peer. For a conduit using TLS underneath HTTPS, should also present selected cipher suite and peer certificates as well as selected local certificates, most likely the JSSE SSLSession.
> The callback should throw an appropriate security exception should trust not be established, and that exception shall propagate up to the application.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.