April 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-439) Client Cert authentication using certificate passed from a proxy

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-439?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-439: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > Client Cert authentication using certificate passed from a proxy > ---------------------------------------------------------------- > > Key: ELY-439 > URL: https://issues.jboss.org/browse/ELY-439 > Project: WildFly Elytron > Issue Type: Feature Request > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta41 > > > Undertow contains a feature where by the Proxy server can handle SSL and pass the certificate chain to Undertow - this is then used for the actual client cert authentication. > We need to cover this type of scenario within our generic HTTP authentication framework. > We could further wrap the SSLSession in a similar way Undertow does - or we could make the chain availbale as a fall back. > Related to this we also need to work on the different attachment contexts, that may affect how we consider SSLSession attachments. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-432) Support setEnableSessionCreation on ServerSSLContextBuilder

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-432?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-432: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > Support setEnableSessionCreation on ServerSSLContextBuilder > ----------------------------------------------------------- > > Key: ELY-432 > URL: https://issues.jboss.org/browse/ELY-432 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SSL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta41 > > > It is already possible to configure this one for XNIO and Undertow so we should add this config option to our own builder. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-430) Add HostnameVerifier implementation

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-430?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-430: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > Add HostnameVerifier implementation > ----------------------------------- > > Key: ELY-430 > URL: https://issues.jboss.org/browse/ELY-430 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SSL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta41 > > > We should at the very least have a sensible default implementation checking the certificate against the host name. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-422) Default SSLContext?

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-422?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-422: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > Default SSLContext? > ------------------- > > Key: ELY-422 > URL: https://issues.jboss.org/browse/ELY-422 > Project: WildFly Elytron > Issue Type: Task > Components: SSL > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta41 > > > We know we want one, what we don't know is exactly that it means and is it an Elytron concern or subsystem concern. > One issue is within Elytron our SSLContext implementations are either server side specific or client side specific - we may even want to review if there is any way to review what it is being used for and act accordingly. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-355) HTTP Authentication Mechanism Testing

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-355?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-355: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > HTTP Authentication Mechanism Testing > ------------------------------------- > > Key: ELY-355 > URL: https://issues.jboss.org/browse/ELY-355 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Testsuite > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta41 > > > We don't want to create a full HTTP server but we should have a sufficient wrapper to test the HTTP authentication framework and test out specific mechanims. > This will leave the Elytron Web project to smoke test integration and not focus on testing the actual mechanisms. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-341) PEM file format support

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-341?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-341: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > PEM file format support > ----------------------- > > Key: ELY-341 > URL: https://issues.jboss.org/browse/ELY-341 > Project: WildFly Elytron > Issue Type: Enhancement > Components: KeyStores > Reporter: David Lloyd > Assignee: Pedro Igor > Fix For: 1.1.0.Beta41 > > > We should add support for PEM formats for formats including (but not limited to): > * X.509 Certificate > * CSRs > * CRLs > * RSA and DSA Public and Private Keys > * PKCS8 format Private Keys > * DH parameters > * ECDSA Public Key > * EC Private Key > * EC Parameters > This API could be consumed by various utilities or by custom credential storage implementations. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-303) Verify compatibility with RFC7617 "The 'Basic' HTTP Authentication Scheme"

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-303?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-303: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > Verify compatibility with RFC7617 "The 'Basic' HTTP Authentication Scheme" > -------------------------------------------------------------------------- > > Key: ELY-303 > URL: https://issues.jboss.org/browse/ELY-303 > Project: WildFly Elytron > Issue Type: Task > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta41 > > > This RFC has now reached the stage of being a proposed standard. > https://www.rfc-editor.org/info/rfc7617 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-298) load-from/uri keystore xsd/parser mismatch

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-298?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-298: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > load-from/uri keystore xsd/parser mismatch > ------------------------------------------ > > Key: ELY-298 > URL: https://issues.jboss.org/browse/ELY-298 > Project: WildFly Elytron > Issue Type: Bug > Components: Authentication Client > Reporter: Kabir Khan > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta41 > > > The xsd has > {code} > <xsd:complexType name="key-store-type"> > <xsd:sequence minOccurs="1" maxOccurs="1"> >  > <xsd:choice minOccurs="1" maxOccurs="1"> > <xsd:element name="file" type="name-type" minOccurs="1" maxOccurs="1"/> > <xsd:element name="load-from" type="uri-type" minOccurs="1" maxOccurs="1"/> > <xsd:element name="resource" type="name-type" minOccurs="1" maxOccurs="1"/> > {code} > The parser seems to look for 'uri' rather than 'load-from' -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-286) HTTP Digest Authentication

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-286?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-286: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > HTTP Digest Authentication > -------------------------- > > Key: ELY-286 > URL: https://issues.jboss.org/browse/ELY-286 > Project: WildFly Elytron > Issue Type: Feature Request > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta41 > > > Original Digest RFC [https://tools.ietf.org/html/rfc2069] > Current Digest RFC [https://tools.ietf.org/html/rfc2617] > HTTP 1.1 Authentication (Updates RFC2617) [https://tools.ietf.org/html/rfc7235] > Draft currently under discussion - [https://datatracker.ietf.org/doc/draft-ietf-httpauth-digest/] > RFC7616 Now Proposed Standard > "HTTP Digest Access Authentication", September 2015 > [https://www.rfc-editor.org/info/rfc7616] -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-572) Update the GSSAPI SASL mechanism to use the ServerCredentialCallback(GSSCredentialCredential.class)

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-572?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-572: --------------------------------- Fix Version/s: 1.1.0.Beta41 (was: 1.1.0.Beta39) > Update the GSSAPI SASL mechanism to use the ServerCredentialCallback(GSSCredentialCredential.class) > --------------------------------------------------------------------------------------------------- > > Key: ELY-572 > URL: https://issues.jboss.org/browse/ELY-572 > Project: WildFly Elytron > Issue Type: Bug > Components: SASL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 1.1.0.Beta41 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira April 2017