[JBoss JIRA] (ELY-25) Authentication (and identity loading) lifecycle.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-25?page=com.atlassian.jira.plugin.sys... ]
Darran Lofthouse updated ELY-25:
--------------------------------
Fix Version/s: 1.0.0.Beta1
(was: 1.0.0.Alpha1)
> Authentication (and identity loading) lifecycle.
> ------------------------------------------------
>
> Key: ELY-25
> URL: https://issues.jboss.org/browse/ELY-25
> Project: WildFly Elytron
> Issue Type: Task
> Components: API / SPI
> Reporter: Darran Lofthouse
> Fix For: 1.0.0.Beta1
>
>
> Just a placeholder to think about this one; anything involved in the process may need to know when the current round trip finishes.
> e.g. Once an LDAP connection is obtained we may want to cache it for the duration of the request which means we need to clean it up at the appropriate time.
> Alternatively some form of pool may be sufficient but just raising this issue so we ensure it is covered one way or another.
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
9 years, 11 months
[JBoss JIRA] (ELY-54) Support for stronger hashes as alternatives to MD5
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-54?page=com.atlassian.jira.plugin.sys... ]
Darran Lofthouse updated ELY-54:
--------------------------------
Fix Version/s: 1.0.0.Beta1
(was: 1.0.0.Alpha1)
> Support for stronger hashes as alternatives to MD5
> --------------------------------------------------
>
> Key: ELY-54
> URL: https://issues.jboss.org/browse/ELY-54
> Project: WildFly Elytron
> Issue Type: Feature Request
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.0.0.Beta1
>
>
> Presently Digest authentication is based on MD5 - however we should either update the mechanism or add new mechanisms to support the use of stronger hashes.
> As this library is used both client and server side, installations that require the stronger hashes can just ensure the client and server have the latest version of this library - installations that still require interaction with MD5 will need to ensure that it is still available as a mechanism.
9 years, 11 months
[JBoss JIRA] (ELY-36) Server Authentication Context Lifecycle
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-36?page=com.atlassian.jira.plugin.sys... ]
Darran Lofthouse updated ELY-36:
--------------------------------
Fix Version/s: 1.0.0.Beta1
(was: 1.0.0.Alpha1)
> Server Authentication Context Lifecycle
> ---------------------------------------
>
> Key: ELY-36
> URL: https://issues.jboss.org/browse/ELY-36
> Project: WildFly Elytron
> Issue Type: Task
> Components: API / SPI
> Reporter: Darran Lofthouse
> Fix For: 1.0.0.Beta1
>
>
> The authentication context is used with a sequence of calls during the authentication process; this task is to look into how we can apply a lifecycle to that so that appropriate cleanup can be performed.
> This could be closely related to ELY-35 which specifically looks at outcome notification.
> When considering a lifecycle I think we have two key events to think about, the most natural one being once the authentication process is complete regardless of outcome - however we should also consider intermediate responses going back to the client - we do not want to be holding onto expensive resources once we pass control back to the client as that risks a DoS-based attack.
9 years, 11 months
[JBoss JIRA] (ELY-53) GSSAPI Make Delegated Credential Available
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-53?page=com.atlassian.jira.plugin.sys... ]
Darran Lofthouse updated ELY-53:
--------------------------------
Fix Version/s: 1.0.0.Beta1
(was: 1.0.0.Alpha1)
> GSSAPI Make Delegated Credential Available
> ------------------------------------------
>
> Key: ELY-53
> URL: https://issues.jboss.org/browse/ELY-53
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: SASL
> Reporter: Darran Lofthouse
> Fix For: 1.0.0.Beta1
>
>
> The server side of the mechanism can receive a delegated credential but there is no way to obtain it; we should provide a way for it to be obtained or provided.
> _Note: This may be an Elytron integration point rather than something supported in the pure SASL mechanism._
9 years, 11 months