[JBoss JIRA] (WFLY-448) Authorization Checks for Services over Remoting
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-448?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-448:
------------------------------
Fix Version/s: 8.0.0.Final
(was: 8.0.0.CR1)
> Authorization Checks for Services over Remoting
> -----------------------------------------------
>
> Key: WFLY-448
> URL: https://issues.jboss.org/browse/WFLY-448
> Project: WildFly
> Issue Type: Task
> Security Level: Public(Everyone can see)
> Components: Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: Authorization
> Fix For: 8.0.0.Final
>
>
> As all services are now moving to be exposed over Remoting connectors they can all be secured using the same realm. This task is to ensure each at the very least has a basis for an authorization check that can be extended for more complex service specific requirements.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 6 months
[JBoss JIRA] (WFLY-466) Detect JBossWS Configuration for @PermitAll endpoints within Undertow subsystem.
by Jason Greene (JIRA)
[ https://issues.jboss.org/browse/WFLY-466?page=com.atlassian.jira.plugin.s... ]
Jason Greene updated WFLY-466:
------------------------------
Fix Version/s: 8.0.0.Final
(was: 8.0.0.CR1)
> Detect JBossWS Configuration for @PermitAll endpoints within Undertow subsystem.
> --------------------------------------------------------------------------------
>
> Key: WFLY-466
> URL: https://issues.jboss.org/browse/WFLY-466
> Project: WildFly
> Issue Type: Task
> Security Level: Public(Everyone can see)
> Components: Web (JBoss Web)
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 8.0.0.Final
>
>
> UNDERTOW-38 has added the possibility of deploying web applications where authentication is mandated but no authorization checks are performed - this is required for integration use cases such as EJB endpoints where authorization checks are being left to the EJB container.
> This task is to update the Undertow susbsystem to detect this scenario and enable the new mode for UNDERTOW-38.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
10 years, 6 months