Domain Management - Enable silent authentication using Kerberos
---------------------------------------------------------------
Key: AS7-1372
URL: https://issues.jboss.org/browse/AS7-1372
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 7.1.0.Beta1
It should be possible for users to authenticate for domain management using Kerberos.
Over the HTTP interface this will be SPNEGO, for the Native connection we use SASL so can use GSSAPI
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
Make realms fully manageable through domain.
--------------------------------------------
Key: AS7-2488
URL: https://issues.jboss.org/browse/AS7-2488
Project: Application Server 7
Issue Type: Feature Request
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 7.2.0.Alpha1
For the management interfaces we are making use of realms backed by CallbackHandlers for the authenticators / mechanisms.
This Jira is to look at making the contents of these realms manageable where possible e.g. : -
- Definition of users
- Modifications to users / password resets
- Role memberships
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
Add GSSAPI support to CLI
-------------------------
Key: AS7-1386
URL: https://issues.jboss.org/browse/AS7-1386
Project: Application Server 7
Issue Type: Task
Components: CLI, Domain Management
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 7.1.0.Beta1
Once the Native interface supports GSSAPI then the CLI will also need to support this.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
<distributable> web applications fail to deploy with the default configuration
------------------------------------------------------------------------------
Key: AS7-1313
URL: https://issues.jboss.org/browse/AS7-1313
Project: Application Server 7
Issue Type: Bug
Components: Web
Affects Versions: 7.0.0.Final
Reporter: Stuart Douglas
Assignee: Remy Maucherat
<distributable> web applications fail with the following:
"Services with missing/unavailable dependencies" => ["jboss.web.\"magnolia-bundled-webapp-4.4.4.war\" missing [ jboss.infinispan.web.___defaultcache ]"]}}}
At the very least the user should get a better error message explaining why their deployment failed.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
Default values are returned for attributes on non-existing resources
--------------------------------------------------------------------
Key: AS7-1960
URL: https://issues.jboss.org/browse/AS7-1960
Project: Application Server 7
Issue Type: Bug
Components: Domain Management
Affects Versions: 7.1.0.Alpha1
Reporter: Brian Stansberry
Priority: Minor
Fix For: 7.1.0.CR1
Alexey Loubyansky reported:
"I discovered that invoking read-attribute on an attribute that has a default value on a node that doesn't exist works well and returns the default value."
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
SPNEGO Across Cluster
---------------------
Key: SECURITY-127
URL: http://jira.jboss.com/jira/browse/SECURITY-127
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Negotiation
Reporter: Darran Lofthouse
Assigned To: Darran Lofthouse
Use a distributed cache or re-authenticate at each node?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
JBossWS EJB Endpoints Defined With Custom Authenticators
--------------------------------------------------------
Key: SECURITY-140
URL: http://jira.jboss.com/jira/browse/SECURITY-140
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Negotiation
Reporter: Darran Lofthouse
Assigned To: Darran Lofthouse
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
JBossWS Client SPNEGO Authentication
------------------------------------
Key: SECURITY-139
URL: http://jira.jboss.com/jira/browse/SECURITY-139
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Negotiation
Reporter: Darran Lofthouse
Assigned To: Darran Lofthouse
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
Authentication Cache aware of ticket expiration
-----------------------------------------------
Key: SECURITY-137
URL: http://jira.jboss.com/jira/browse/SECURITY-137
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Negotiation
Reporter: Darran Lofthouse
Assigned To: Darran Lofthouse
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
Non web invocations to server
-----------------------------
Key: SECURITY-130
URL: http://jira.jboss.com/jira/browse/SECURITY-130
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Negotiation
Reporter: Darran Lofthouse
Assigned To: Darran Lofthouse
Kerberos based SSO can also be made possible for calls over other invokers and can also be used for message integrity and confidentiality.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira