Task #1937 (closed)
Opened 14 years ago
Closed 14 years ago
Add ADH as default transport
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | n.a. | Milestone: | OMERO-Beta4.2 |
Component: | Security | Version: | n.a. |
Keywords: | n.a. | Cc: | jburel, cxallan |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | 0.0d |
Sprint: | 2010-03-19 (5) |
Description (last modified by jmoore)
The primary challenge is testing that the configuration can gracefully fail (if permitted)
If SSL cannot be enabled at all times (because of plugins, etc?) then the following changes may be necessary:
- strip the "ssl ..." section out of Ice.Default.Router
- check for null ports in createSession
- check client(string) constructor argument for starts with "tcp " or "ssl "
Change History (10)
comment:1 Changed 14 years ago by jmoore
- Milestone changed from Unscheduled to OMERO-Beta4.2
- Sprint set to 2010-03-19 (5)
comment:2 Changed 14 years ago by jmoore
- Status changed from new to assigned
comment:3 Changed 14 years ago by jmoore
- Description modified (diff)
comment:4 Changed 14 years ago by jmoore
- Description modified (diff)
comment:5 Changed 14 years ago by jmoore
- Cc jburel cxallan added
comment:6 Changed 14 years ago by jmoore
comment:7 Changed 14 years ago by jmoore
comment:8 Changed 14 years ago by jmoore
comment:9 Changed 14 years ago by jmoore
comment:10 Changed 14 years ago by jmoore
- Component changed from General to Security
- Remaining Time changed from 1 to 0
- Resolution set to fixed
- Status changed from assigned to closed
From a security perspective, ADH is working fine, and for 4.2 we probably don't want to get into certificate based authentication, however it is too slow, described in #2099, which is scheduled for the next iteration.
A few points: