[security-dev] Impersonation feature (was: Quickstarts)

Rodney Russ rruss at redhat.com
Thu May 2 12:13:08 EDT 2013 

I have seen the need for a feature like this when a customer support representative needs to order on behalf on someone. In this particular case, the customer support rep could only order on behalf of the customers they were responsible for, but did not need credentials to "become" the users they were supporting. 

-Rodney 

----- Original Message -----

> To add to the list, I don't know if there's a feature for this...

> But, is there a way to do impersonation of users? Essentially, one user/agent
> logs in and then becomes a different user without requiring the user
> password. We're seeing this for REST based server-to-server communication
> calls. I am extrapolating that I could do some sort of silentAuthentication
> like indicated in the doc on the TicketMonster-PicketLink example, but that
> piece of the code isn't visible on the product documentation page.

> Thanks,
> Anil

> On Apr 30, 2013, at 4:59 PM, Shane Bryzak wrote:

> > There's three quickstarts that have been merged into JDF so far:
> 

> > picketlink-authentication-jsf - Simple authentication example
> 
> > picketlink-authentication-idm-jsf - Authentication using Identity
> > Management
> 
> > picketlink-authorization-idm-jpa - Authorization example based on groups
> > and
> > roles
> 

> > You can find these in the JDF repo here:
> 

> > https://github.com/jboss-jdf/jboss-as-quickstart
> 

> > There are also a whole bunch more planned and in progress, which we'll be
> > adding as they are completed. If you have a good idea for a quickstart,
> > please let us know also.
> 

> > Shane
> 

> > On 01/05/13 08:35, Anil Arora wrote:
> 

> > > Is there a location for the quickstarts?  I've seen references in the
> > > emails
> > > and on the Wiki roadmap, but I've not seen any discussion about that.
> > 
> 
> > > We're definitely anxious to see how we can utilize PicketLink 3 for our
> > > prototypes, including preliminary OAuth 2 support.
> > 
> 

> > > Thanks,
> > 
> 
> > > Anil
> > 
> 
> > > _______________________________________________
> > 
> 
> > > security-dev mailing list security-dev at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/security-dev
> > 
> 

> > _______________________________________________
> 
> > security-dev mailing list
> 
> > security-dev at lists.jboss.org
> 
> > https://lists.jboss.org/mailman/listinfo/security-dev
> 
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20130502/a60ac4c7/attachment.html

More information about the security-dev mailing list