New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ISPN-13080 Infnispan SSL encryption and certificate authorization tutorial #126
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
486a60c
to
afaef51
Compare
my thoughts:
|
provide infinispan.xml could restrict the use as it might fail if the user start a different version of infinispan. |
the infinispan version is not a problem since we have a branch for each version. |
@wfink needs rebase |
I'm about to fix some minor issues and integrate Pedro's comments. |
eec7c62
to
26e10f8
Compare
$ export TEST=SIMPLEAUTH && mvn exec:exec@run | ||
---- | ||
. Check that put and get succeeds both times as Client1 and Client2 certificates are used. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Got this exception in logs:
ISPN005003: Exception reported java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'Subject with principal(s): [anonymous, CN=Client2, OU=Infinispan, O=JBoss, L=Red Hat, InetAddressPrincipal [address=127.0.0.1/127.0.0.1]]' lacks 'WRITE' permission
If this is expected, we should explain to users.
@wfink I ran all the examples successfully and, overall, it was a much easier process with Pedro's changes. There are a few nits for clarity in some comments. Can you apply the changes or would you prefer if I sent another commit? |
61554da
to
bf23b5d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thanks for the hard work on this one @wfink
Tutorial with self created keystores
https://issues.redhat.com/browse/ISPN-13123