Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Mutual authentication support

Description

Openfire currently supports mutual authentication for clients. This functionality is to be improved in the following way:

  • The key store used exclusively for mutual authentication certificates needs to be manageable through the admin panel.

  • In the admin panel, a visual indicator should be present for sessions that have established mutual authentication

  • It should be possible to have different mutual authentication requirements for different types of connections (BOSH vs. Non-Bosh, for example)

Environment

None

is related to

Activity

Show:

Guus der Kinderen June 2, 2015 at 7:19 AM

Mutual authentication is now configurable in the SSL Security Page (under 'custom'). On the session overview page, a session will have two small arrow over the lock arrow when mutual mutual authentication has been established.

Guus der Kinderen March 27, 2015 at 1:41 PM

This issue introduces the new property httpbind.client.cert.policy, which behaves similar to the pre-existing xmpp.client.cert.policy. The latter now affects non-BOSH sessions only, while the former affects solely BOSH sessions.

As a result of OF-893, mutual authentication was not working for BOSH. Introducing a new property to configure its usage won't introduce any backwards compatibility issues (as the existing behavior was not influences by the original property in the first place).

Fixed

Details

Assignee

Reporter

Fix versions

Priority

Created March 20, 2015 at 9:33 AM
Updated November 27, 2015 at 6:20 PM
Resolved June 2, 2015 at 7:19 AM