You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by "Regan, Aaron" <Aa...@akquinet.de.INVALID> on 2020/02/04 16:21:37 UTC
Client Authentication
Hi,
I would like to add client side authentication to Apache James. Some guidance on how to implement this would be appreciated.
So far I have Added the required variables to james-project/server/protocols/protocols-library/src/main/java/org/apache/james/protocols/lib/netty/AbstractConfigurableAsyncServer.java class. (Truststore location, secret) I have added them to the config and SSLContext in the same way the keystore is added. They are then entered in the smtp and pop3 xml config files.
I have Also added engine.setNeedClientAuth(true); to the SSLEngine in the getPipeline method located at james-project/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java.
I built the james-cassandra-guice docker image and it appears to be working as expected. Could you see any potential issues with my implementation ?
Thanks & Regards,
Aaron
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: Client Authentication
Posted by Raphaël Ouazana-Sustowski <ro...@apache.org>.
Hi,
It seems right at first sight.
Do you plan to contribute it? Then I guess
engine.setNeedClientAuth(true); should be made configurable depending on
the provided parameters.
Don't hesitate to open a pull request so that we look at it and
integrate it in the main code.
Regards,
Raphaël.
Le 04/02/2020 à 17:21, Regan, Aaron a écrit :
> Hi,
>
> I would like to add client side authentication to Apache James. Some guidance on how to implement this would be appreciated.
>
> So far I have Added the required variables to james-project/server/protocols/protocols-library/src/main/java/org/apache/james/protocols/lib/netty/AbstractConfigurableAsyncServer.java class. (Truststore location, secret) I have added them to the config and SSLContext in the same way the keystore is added. They are then entered in the smtp and pop3 xml config files.
>
> I have Also added engine.setNeedClientAuth(true); to the SSLEngine in the getPipeline method located at james-project/protocols/netty/src/main/java/org/apache/james/protocols/netty/AbstractSSLAwareChannelPipelineFactory.java.
>
> I built the james-cassandra-guice docker image and it appears to be working as expected. Could you see any potential issues with my implementation ?
>
> Thanks & Regards,
> Aaron
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org