Announcement Announcement Module
Collapse
No announcement yet.
SI http gateway mutual authentication support Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • SI http gateway mutual authentication support

    I am using SI now with the HTTP gateway. Our security staff now wants all traffic to be done with mutual authentication. Does SI support mutual authentication with the HTTP inbound gateway already?

  • #2
    Hi!
    mutual authentication
    As I understood by Google it is a synonym of Double SSL.
    Confirm, pleaese, if it is, and I continue to help.
    And also provide more info who is your server and who is your client.
    By the way if it is, mutual authentication isn't a task of Spring Integration. It is just some configuration on both sides.

    Take care,
    Artem

    Comment


    • #3
      Yes, I was referring to two-way SSL authentication. We are on a Weblogic application server, using the SI http-inbound-gateway, the clients are inside our company as Java or .Net web applications. I am not sure how or where the setup or configuration would occur. I assume I would need to do something like sublass a class, override a method, set properties or something to allow the MA to occur before the message is placed on the channel.
      Last edited by Wrangler; Nov 15th, 2012, 12:13 PM.

      Comment


      • #4
        Hi, sorry for late response.

        How about this one: https://www.google.com/search?q=webl...0two-way%20SSL ?
        It's for your server side.
        From other side on the client you should make similar work on the part of key-generation and store creation.
        Then you may place in the JAVA_OPTS on the app start something like this:
        -Djavax.net.ssl.keyStore=PATH_TO_KEY_STORE_FILE\key Store.jks -Djavax.net.ssl.trustStore=PATH_TO_TRUST_STORE_FILE \trustStore.jks
        -Djavax.net.ssl.keyStorePassword=somePassword

        If it is a .NET app, there should be something similar.

        So, in any case you don't need make any changes to your application.

        Cheers,
        Artem

        Comment

        Working...
        X