[switchyard-issues] [JBoss JIRA] (SWITCHYARD-725) Security Policy support

Keith Babo (JIRA) jira-events at lists.jboss.org
Wed Apr 4 09:15:49 EDT 2012 

Keith Babo created SWITCHYARD-725:
-------------------------------------

             Summary: Security Policy support
                 Key: SWITCHYARD-725
                 URL: https://issues.jboss.org/browse/SWITCHYARD-725
             Project: SwitchYard
          Issue Type: Feature Request
          Components: core
            Reporter: Keith Babo
            Priority: Critical
             Fix For: 0.5


Add support for configuring security policy in an application.  This should leverage the existing policy framework in place and follow a similar pattern to how the transaction policy support was implemented. A little background on security policy can be found here:

http://docs.oasis-open.org/opencsa/sca-policy/sca-policy-1.1-spec-csprd03.html#_Toc311121482

There are two stages to this feature.  In the first stage, we simply need to support a service declaring that security policy is required and updated gateway components to assert that security policy is in place.  The first logical candidate for gateway support would be web services and SSL-based communication.  This should be a quick way to connect the dots end-to-end and then we can take it further.

The second stage involves adding an additional SecurityPolicy handler that injects a policy decision point into the handler chain.  The idea here is that the gateway might not be able to make an assertion w/r/t security, but the message/context contains security details that can be hooked into an Identity Manager/Provider to make the appropriate assertions.  This is where something like SAML comes in.  This handler would sit before the generic policy handler (which matches required policy against provided policy) and provide the capability of adding security assertions that a gateway was not capable of handling.



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the switchyard-issues mailing list