We will need to secure access to the Aviary components (plug-in and query server I presume). Initial config should be mutual client/server authentication over SSL/TLS with style points awarded for Rampart enablement (Axis2/C WS-Security module). Customers would provide and configure their own certs in both cases. Auth config is the domain of the axis2.xml file.
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: Desire for secure and authenticated communication between Aviary clients and servers. Consequence: Aviary could previously only be operated within a secure local network. Change: OpenSSL was more fully integrated into the Axis2C SOAP engine used by the Aviary server implementation. This required upstream code enhancements. Result: Aviary clients and servers can exchange x509 certificates to authenticate each side and establish a secure link.
All dependencies are verified -->VERIFIED
Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1,4 +1 @@ -Cause: Desire for secure and authenticated communication between Aviary clients and servers. +Previously, Aviary could only be operated within a secure local network in order to secure communication between Aviary clients and servers. This update includes upstream code enhancements that integrate OpenSSL more fully into the Axis2C SOAP (Simple Object Access Protocol) engine used by the Aviary server implementation. Aviary clients and servers can now exchange x509 certificates to authenticate each side and establish a secure link.-Consequence: Aviary could previously only be operated within a secure local network. -Change: OpenSSL was more fully integrated into the Axis2C SOAP engine used by the Aviary server implementation. This required upstream code enhancements. -Result: Aviary clients and servers can exchange x509 certificates to authenticate each side and establish a secure link.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2012-0045.html