SI http gateway mutual authentication support

[Wrangler]

I am using SI now with the HTTP gateway. Our security staff now wants all traffic to be done with mutual authentication. Does SI support mutual authentication with the HTTP inbound gateway already?

[Cleric]

Hi!

mutual authentication

As I understood by Google it is a synonym of Double SSL.
Confirm, pleaese, if it is, and I continue to help.
And also provide more info who is your server and who is your client.
By the way if it is, mutual authentication isn't a task of Spring Integration. It is just some configuration on both sides.

Take care,
Artem

[Wrangler]

Yes, I was referring to two-way SSL authentication. We are on a Weblogic application server, using the SI http-inbound-gateway, the clients are inside our company as Java or .Net web applications. I am not sure how or where the setup or configuration would occur. I assume I would need to do something like sublass a class, override a method, set properties or something to allow the MA to occur before the message is placed on the channel.

[Cleric]

Hi, sorry for late response.

How about this one: https://www.google.com/search?q=webl...0two-way%20SSL ?
It's for your server side.
From other side on the client you should make similar work on the part of key-generation and store creation.
Then you may place in the JAVA_OPTS on the app start something like this:
-Djavax.net.ssl.keyStore=PATH_TO_KEY_STORE_FILE\key Store.jks -Djavax.net.ssl.trustStore=PATH_TO_TRUST_STORE_FILE \trustStore.jks
-Djavax.net.ssl.keyStorePassword=somePassword

If it is a .NET app, there should be something similar.

So, in any case you don't need make any changes to your application.

Cheers,
Artem