[jsr339-experts] Client security configuration proposal for JAX-RS 2.0

From: Marek Potociar <marek.potociar_at_oracle.com>
Date: Fri, 1 Feb 2013 17:40:47 +0100

Hello experts,

I'd like you to review a proposal for the basic client security configuration support in JAX-RS 2.0. After a careful deliberation and taking into account recent schedule adjustments, I'd like to propose a following resolution:

1. SSL configuration:
In light of all the possible configuration aspects around TLS[1], we propose to agree upon the absolute minimum, that is providing a custom SSLConfig instance into the client run-time.

New ClientBuilder interface has been introduced that supports setting SSLConfig:

The newly introduced client builder is supposed to be provided by a new static ClientFactory method. To facilitate the change, ClientFactory has been updated:

A new SSL config getter is introduce in the Client API:

2. HTTP Authentication:
We do not have enough cycles to provide a well-designed authentication API and RI implementation. There is also a potential of a collision with a Java SE HTTP client API (currently work in progress). The proposal is therefore to defer HTTP auth support to a maintenance release and align it with the new Java SE HTTP client API.

We're looking forward to your feedback. Please send us your feedback by no later then Wed, Feb 06, 2013 CoB!

Thank you,
Marek & Santiago

[1] A deeper analysis of SSLContext creation tree shows the following configuration aspects that are involved:

- SSL engine (SSLEngine: created using SSLContext)
  - [*] enabled cipher suites (String[])
  - [*] enabled protocols (String[])
  - SSL context (SSLContext: created from provided data)
    - protocol (String)
    - provider (String/Provider)
    - secure random generator source (SecureRandom)
    - key managers (KeyManager[]: provided by KeyManagerFactory)
      - key manager factory (KeyManagerFactory)
        - algorithm (String)
        - provider (String/Provider)
        - key store password (char[])
        - key store key password (char[])
        - key store (KeyStore)
          - type (String)
          - provider (String/Provider)
          - store data (URL/InputStream/byte[]/...)
    - trust managers (TrustManager[])
      - trust manager factory (TrustManagerFactory)
        - algorithm (String)
        - provider (String/Provider)
        - trust store password (char[])
        - trust store (KeyStore)
          - type (String)
          - provider (String/Provider)
          - store data (URL/InputStream/byte[]/...)

[*] = optional config

The bold black items indicate the configuration properties related to full configuration of a SSL context. For those of you who use pure-text email clients, these properties include:

context protocol, context protocol provider, secure randomness source, keystore algorithm, keystore algorithm provider, keystore password, keystore key password, keystore data, truststore algorithm, truststore alg. provider, truststore password, truststore data

As you can see, it's quite a lot of configuration, and all of it is already captured in Java SE APIs that assist in creation of SSLContext. So given our timeframe, we propose to focus really only on the most essential configuration, which is setting the pre-configured SSLContext instance. We suggest to revisit any additional convenience SSL config methods as part of a maintenance release.