October 2015 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-211) Client-side trust store configuration

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-211?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-211: ---------------------------- Component/s: Authentication Client > Client-side trust store configuration > ------------------------------------- > > Key: ELY-211 > URL: https://issues.jboss.org/browse/ELY-211 > Project: WildFly Elytron > Issue Type: Task > Components: Authentication Client > Reporter: David Lloyd > Assignee: David Lloyd > Fix For: 1.1.0.Alpha3 > > > Lest I forget. The client needs the ability to supplement the default trust store, to restrict the set of acceptable peer certificates/signers, for mutual authentication purposes. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-239) Make Anonumous auth set the anonymous principal name

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-239?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-239: ---------------------------- Component/s: Authentication Client > Make Anonumous auth set the anonymous principal name > ---------------------------------------------------- > > Key: ELY-239 > URL: https://issues.jboss.org/browse/ELY-239 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Authentication Client > Reporter: Kabir Khan > Assignee: Kabir Khan > Fix For: 1.0.0.Alpha3 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-238) Recognise realm callback on digest server, and make authorize callback come last

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-238?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-238: ---------------------------- Component/s: Authentication Mechanisms > Recognise realm callback on digest server, and make authorize callback come last > -------------------------------------------------------------------------------- > > Key: ELY-238 > URL: https://issues.jboss.org/browse/ELY-238 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Authentication Mechanisms > Reporter: Kabir Khan > Assignee: Kabir Khan > Fix For: 1.0.0.Alpha3 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-237) Make it possible to configure the realm used on the client

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-237?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-237: ---------------------------- Component/s: Authentication Client > Make it possible to configure the realm used on the client > ---------------------------------------------------------- > > Key: ELY-237 > URL: https://issues.jboss.org/browse/ELY-237 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Authentication Client > Reporter: Kabir Khan > Assignee: Kabir Khan > Fix For: 1.0.0.Alpha3 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-221) Implement a better X.500 principal mapper

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-221?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-221: ---------------------------- Component/s: API / SPI > Implement a better X.500 principal mapper > ----------------------------------------- > > Key: ELY-221 > URL: https://issues.jboss.org/browse/ELY-221 > Project: WildFly Elytron > Issue Type: Feature Request > Components: API / SPI > Reporter: David Lloyd > Fix For: 1.1.0.Alpha3 > > > We can provide something better than a flat string mapping. Some thoughts on requirements: > * Require that a minimum set of keys are present, else return {{null}} > * Allow piecewise assembly of principal names with the following components: > ** Static string > ** Single attribute value e.g. {{dc[0]}} > ** Joined attribute value (with optional subrange) e.g. {{dc:"."}} would convert {{dc=example,dc=com}} to {{example.com}} > ** Joined attribute value in reverse (with optional subrange) -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-212) Client-side SSL context configuration is subtly wrong

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-212?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-212: ---------------------------- Component/s: Authentication Client > Client-side SSL context configuration is subtly wrong > ----------------------------------------------------- > > Key: ELY-212 > URL: https://issues.jboss.org/browse/ELY-212 > Project: WildFly Elytron > Issue Type: Bug > Components: Authentication Client > Reporter: David Lloyd > Assignee: David Lloyd > Fix For: 1.1.0.Alpha3 > > > SSL context client-side configuration is problematic in that the SSL context is not (and cannot be) cached. This means that we lose SSL session reuse and other benefits which may cause problems for users. > However we also cannot just cache an SSL context on a configuration either - the client credentials may vary on each request, causing leakage between identities. > What we need to do is have a separate SSL context client configuration mechanism, and use the generic client context configuration to reference this SSL context client configuration. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-298) load-from/uri keystore xsd/parser mismatch

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-298?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-298: ---------------------------- Component/s: Authentication Client > load-from/uri keystore xsd/parser mismatch > ------------------------------------------ > > Key: ELY-298 > URL: https://issues.jboss.org/browse/ELY-298 > Project: WildFly Elytron > Issue Type: Bug > Components: Authentication Client > Reporter: Kabir Khan > Assignee: Darran Lofthouse > Fix For: 1.1.0.Alpha3 > > > The xsd has > {code} > <xsd:complexType name="key-store-type"> > <xsd:sequence minOccurs="1" maxOccurs="1"> >  > <xsd:choice minOccurs="1" maxOccurs="1"> > <xsd:element name="file" type="name-type" minOccurs="1" maxOccurs="1"/> > <xsd:element name="load-from" type="uri-type" minOccurs="1" maxOccurs="1"/> > <xsd:element name="resource" type="name-type" minOccurs="1" maxOccurs="1"/> > {code} > The parser seems to look for 'uri' rather than 'load-from' -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-292) Sasl server filtering with credential names

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-292?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-292: ---------------------------- Component/s: Authentication Mechanisms > Sasl server filtering with credential names > ------------------------------------------- > > Key: ELY-292 > URL: https://issues.jboss.org/browse/ELY-292 > Project: WildFly Elytron > Issue Type: Task > Components: Authentication Mechanisms > Reporter: Jan Kalina > > Meaning of `FilterMechanismSaslServer` should change, as the way of getting credential was changed. In past it was base on data type of credential, now it is base on credential names. > See* `FilterMechanismSaslServer` constructor (filtering part commented out for now) > https://github.com/wildfly-security/wildfly-elytron/commit/1e32ef5a0033c3... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-278) Add CBH to AuthenticationConfiguration overriding *some* callbacks

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-278?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-278: ---------------------------- Component/s: Authentication Client > Add CBH to AuthenticationConfiguration overriding *some* callbacks > ------------------------------------------------------------------ > > Key: ELY-278 > URL: https://issues.jboss.org/browse/ELY-278 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Authentication Client > Reporter: Kabir Khan > Assignee: Kabir Khan > > SetPasswordCallbackHandlerAuthenticationConfiguration only allows overriding of PasswordCallback, CredentialCallback and CredentialParameterCallback. For OTP I need to handle PasswordCallback and ParameterCallback, as part of one class. > SetCallbackHandlerAuthenticationConfiguration on the other hand seems to consider being the only callback, meaning for OTP I will not be able to reuse logic for handling the principal and the extended choice (added as ELY-274) -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-332) Update ignored entity authentication test

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-332?page=com.atlassian.jira.plugin.sy... ] David Lloyd updated ELY-332: ---------------------------- Component/s: Testsuite > Update ignored entity authentication test > ----------------------------------------- > > Key: ELY-332 > URL: https://issues.jboss.org/browse/ELY-332 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Testsuite > Reporter: Farah Juma > Assignee: Farah Juma > > Update EntityTest#testServerPrivateKeyPublicKeyMismatch so that the certificate provided by the server has the correct algorithm (but still does not correspond to the server's private key). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira October 2015