April 2013 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-486) Implement Trust for users requesting to run as a different user.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-486?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-486: ---------------------------------- Fix Version/s: 8.0.0.Alpha2 (was: 8.0.0.Alpha1) > Implement Trust for users requesting to run as a different user. > ---------------------------------------------------------------- > > Key: WFLY-486 > URL: https://issues.jboss.org/browse/WFLY-486 > Project: WildFly > Issue Type: Sub-task > Components: Remoting, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 8.0.0.Alpha2 > > > Where SASL is used for authentication users can request to authenticate as themselves but to be authorized to connect to the server as a different user. > A couple of examples where this could be used: - > - A user granting access to another user to log into their account. > - A user with two levels of access e.g. normal and admin and requesting they have admin level access. > Another area we are looking to use this feature is where one server connects to another server but want to be able to run requests on the remote server using the identity of a specified user. > This Jira issue is to enhance the security realms to allow for trust permissions to be defined - initially this will be local to a single realm but will subsequently be opened up to work across different realms. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-481) Add GSSAPI support to CLI

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-481?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-481: ---------------------------------- Fix Version/s: 8.0.0.Alpha2 (was: 8.0.0.Alpha1) > Add GSSAPI support to CLI > ------------------------- > > Key: WFLY-481 > URL: https://issues.jboss.org/browse/WFLY-481 > Project: WildFly > Issue Type: Sub-task > Components: CLI, Domain Management > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Labels: Kerberos > Fix For: 8.0.0.Alpha2 > > > Once the Native interface supports GSSAPI then the CLI will also need to support this. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-475) Re-review CLI server certificate acceptance.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-475?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-475: ---------------------------------- Fix Version/s: 8.0.0.Alpha2 (was: 8.0.0.Alpha1) > Re-review CLI server certificate acceptance. > -------------------------------------------- > > Key: WFLY-475 > URL: https://issues.jboss.org/browse/WFLY-475 > Project: WildFly > Issue Type: Task > Components: CLI > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Minor > Fix For: 8.0.0.Alpha2 > > > Can we remove the call loop and manage the user prompt and trust store replacement all within the trust manager? -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-379) Fix & re-enable ignored security tests

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-379?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-379: ---------------------------------- Fix Version/s: 8.0.0.Alpha2 (was: 8.0.0.Alpha1) > Fix & re-enable ignored security tests > -------------------------------------- > > Key: WFLY-379 > URL: https://issues.jboss.org/browse/WFLY-379 > Project: WildFly > Issue Type: Sub-task > Components: Security > Affects Versions: 8.0.0.Alpha1 > Environment: AS8 with undertow > Reporter: Tomaz Cerar > Assignee: Darran Lofthouse > Fix For: 8.0.0.Alpha2 > > > AS8 with undertow fails few security tests. > This issue is here just for tracking what they are so they can be fixed -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-483) Allow more control over authentication for server to server communication through remote-outbound-connection

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-483?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-483: ---------------------------------- Fix Version/s: 8.0.0.Alpha2 (was: 8.0.0.Alpha1) > Allow more control over authentication for server to server communication through remote-outbound-connection > ------------------------------------------------------------------------------------------------------------ > > Key: WFLY-483 > URL: https://issues.jboss.org/browse/WFLY-483 > Project: WildFly > Issue Type: Sub-task > Components: Remoting, Security > Reporter: jaikiran pai > Assignee: Darran Lofthouse > Fix For: 8.0.0.Alpha2 > > > Right now for server to server communication via a remote-outbound-connection, we expect a static username to be specified (along with the security realm). User applications which use this remote-outbound-connection, for example an EJB application, do not have much control over the user/pass information, since the username is static. This further acts a drawback since the username that's used to connect to the remote server will be used as the (application) user who invoked the EJB. > It would be good to allow more control over the authentication for the remote-outbound-connection. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-448) Authorization Checks for Services over Remoting

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-448?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-448: ---------------------------------- Fix Version/s: 8.0.0.Alpha2 (was: 8.0.0.Alpha1) > Authorization Checks for Services over Remoting > ----------------------------------------------- > > Key: WFLY-448 > URL: https://issues.jboss.org/browse/WFLY-448 > Project: WildFly > Issue Type: Task > Components: Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Labels: Authorization > Fix For: 8.0.0.Alpha2 > > > As all services are now moving to be exposed over Remoting connectors they can all be secured using the same realm. This task is to ensure each at the very least has a basis for an authorization check that can be extended for more complex service specific requirements. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-466) Detect JBossWS Configuration for @PermitAll endpoints within Undertow subsystem.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-466?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-466: ---------------------------------- Fix Version/s: 8.0.0.Alpha2 (was: 8.0.0.Alpha1) > Detect JBossWS Configuration for @PermitAll endpoints within Undertow subsystem. > -------------------------------------------------------------------------------- > > Key: WFLY-466 > URL: https://issues.jboss.org/browse/WFLY-466 > Project: WildFly > Issue Type: Task > Components: Web (JBoss Web) > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 8.0.0.Alpha2 > > > UNDERTOW-38 has added the possibility of deploying web applications where authentication is mandated but no authorization checks are performed - this is required for integration use cases such as EJB endpoints where authorization checks are being left to the EJB container. > This task is to update the Undertow susbsystem to detect this scenario and enable the new mode for UNDERTOW-38. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-488) Authorization check for JMX

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-488?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-488: ---------------------------------- Fix Version/s: 8.0.0.Alpha2 (was: 8.0.0.Alpha1) > Authorization check for JMX > --------------------------- > > Key: WFLY-488 > URL: https://issues.jboss.org/browse/WFLY-488 > Project: WildFly > Issue Type: Sub-task > Components: JMX, Remoting, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Labels: Authorization > Fix For: 8.0.0.Alpha2 > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-210) Point to explicit security doc in server.log

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-210?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-210: ---------------------------------- Fix Version/s: 9.0.0.CR1 (was: 8.0.0.Alpha1) > Point to explicit security doc in server.log > -------------------------------------------- > > Key: WFLY-210 > URL: https://issues.jboss.org/browse/WFLY-210 > Project: WildFly > Issue Type: Enhancement > Components: Server > Environment: Thinkpad T510 w/ 4 cores, 8Gb, running CSB > Reporter: Chuck Mosher > Assignee: Darran Lofthouse > Priority: Minor > Labels: eap6-ux > Fix For: 9.0.0.CR1 > > > Nice to warn me (in the server.log) that I have a security issue due to the cluster admin/user pwd using the defaults. Warning tells me to look at the docs; would it be possible to put it the hyperlink to the specific doc? -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-423) Allow management of all current Remoting connections (inbound and outbound)

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-423?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse updated WFLY-423: ---------------------------------- Fix Version/s: 9.0.0.CR1 (was: 8.0.0.Alpha1) > Allow management of all current Remoting connections (inbound and outbound) > --------------------------------------------------------------------------- > > Key: WFLY-423 > URL: https://issues.jboss.org/browse/WFLY-423 > Project: WildFly > Issue Type: Task > Components: Remoting > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Labels: Remoting_Management > Fix For: 9.0.0.CR1 > > > This task is to make it possible to view the details of all currently established Remoting connections and to allow termination of these connections. > In addition to seeing the open connections it should be possible to see the channels opened by each connection. Also while starting on a connection first view you may also want to start on a channel first view i.e. all JNDI users or all EJB users. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

11 years, 8 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira April 2013