8:49 a.m.
Anil Saldhana [https://community.jboss.org/people/anil.saldhana] created the discussion
"Security Context Propagation"
To view the discussion, visit: https://community.jboss.org/message/755141#755141
--------------------------------------------------------------
Discussion related to
https://docs.jboss.org/author/display/SECURITY/Java+Application+Security
https://docs.jboss.org/author/display/SECURITY/Java+Application+Security
When there is a need to propagate security context, the following usecases come into my
mind:
a) Thread level security context propagation.
b) Session level security context propagation.
- Internal session maintained by PicketBox.
- External session injected.
The API can look like the following:
SecurityContext context = //
SecurityContextPropagation.setContext(context, Level.THREAD);
SecurityContextPropagation.setContext(context, Level.SESSION);
SecurityContextPropagation.setContext(context, session, Level.SESSION);
context = SecurityContextPropagation.getContext(); //Thread level or internal session
context = SecurityContextPropagation.getContext(session);
Note: Session is an instance of PicketBoxSession.
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/755141#755141]
Start a new discussion in PicketBox Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&...]
9:27 a.m.
New subject: [PicketBox Development] - Re: Security Context Propagation
Pedro Igor [https://community.jboss.org/people/pcraveiro] created the discussion
"Re: Security Context Propagation"
To view the discussion, visit: https://community.jboss.org/message/755159#755159
--------------------------------------------------------------
PicketBox already works with sessions to use different stores: local-inmemory or in-memory
distributable cache. Your proposal can work with what we already have.
The PicketBoxSubject and PicketBoxSession work very similar to the SecurityContext. But I
agree that is better to have a specific class for that.
Maybe we can have something like: PicketBoxSubject.propagate(). Where this method is
responsible to create a SC instance by using some factory or something (let developers
code their own SC) and to know how to propagate it.
Basically, your logic would be inside the PicketBoxSubject.propagate() method.
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/755159#755159]
Start a new discussion in PicketBox Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&...]
9:29 a.m.
New subject: [PicketBox Development] - Re: Security Context Propagation
Anil Saldhana [https://community.jboss.org/people/anil.saldhana] created the discussion
"Re: Security Context Propagation"
To view the discussion, visit: https://community.jboss.org/message/755161#755161
--------------------------------------------------------------
We need to provide the construct for SecurityContext. We have one in PBox4.
IMO it is better to have a static class called SecurityContextPropagation to convey the
meaning.
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/755161#755161]
Start a new discussion in PicketBox Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4528
days inactive
4528
days old
jboss-dev-forums@lists.jboss.org
2 comments
2 participants
participants (2)
-
Anil Saldhana -
Pedro Igor