[JBoss JIRA] (WFLY-2111) Enhance CallbackHandler / Realm Integration with lifecycle callbacks.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFLY-2111?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse updated WFLY-2111:
-----------------------------------
Labels: authentication_service (was: )
> Enhance CallbackHandler / Realm Integration with lifecycle callbacks.
> ---------------------------------------------------------------------
>
> Key: WFLY-2111
> URL: https://issues.jboss.org/browse/WFLY-2111
> Project: WildFly
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Domain Management, Remoting, Security, Web (Undertow)
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: authentication_service
> Fix For: 9.0.0.CR1
>
>
> The authentication / group loading interaction with security realms is a multi-step process, strictly speaking the realm is not actually involved in making the 'authenticated' decision - instead the callbacks allow the entry point to make that decision.
> As it is a multi-step process it is beneficial to cache resources between the steps e.g. connections to servers containing the actual users.
> As a bare minimum we need the 'org.jboss.as.domain.management.AuthorizingCallbackHandler' interface to have a method which is called to indicate that clean up can and should occur.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months
[JBoss JIRA] (WFLY-2148) Cache role mapping results for the span of the overall operation
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFLY-2148?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse updated WFLY-2148:
-----------------------------------
Labels: access_control management_security, (was: )
> Cache role mapping results for the span of the overall operation
> ----------------------------------------------------------------
>
> Key: WFLY-2148
> URL: https://issues.jboss.org/browse/WFLY-2148
> Project: WildFly
> Issue Type: Sub-task
> Security Level: Public(Everyone can see)
> Components: Domain Management
> Reporter: Brian Stansberry
> Assignee: Darran Lofthouse
> Labels: access_control, management_security,
> Fix For: 9.0.0.CR1
>
>
> Look into caching role mapping results for the duration of an overall operation. This would be an impl detail of the RoleMapper. With our standard mappers, the mapping results should not be changing in the middle of an operation, so I believe they should be cacheable.
> Likely place to cache them is as an attachment in a context object that will be passed in to the Authorizer. It would have to be passed in to the RoleMapper as well.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 5 months