November 2015 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-380) Reduce visibility of LdapSecurityRealm a builder is provided.

by Darran Lofthouse (JIRA)

Darran Lofthouse created ELY-380: ------------------------------------ Summary: Reduce visibility of LdapSecurityRealm a builder is provided. Key: ELY-380 URL: https://issues.jboss.org/browse/ELY-380 Project: WildFly Elytron Issue Type: Task Components: Realms Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 1.1.0.Beta3 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-379) New package name for realm implementations

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-379?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse commented on ELY-379: -------------------------------------- Also double check test cases as these most likely will need to move. > New package name for realm implementations > ------------------------------------------ > > Key: ELY-379 > URL: https://issues.jboss.org/browse/ELY-379 > Project: WildFly Elytron > Issue Type: Task > Components: Realms > Reporter: Darran Lofthouse > Priority: Blocker > Fix For: 1.1.0.Beta3 > > > Set to blocker as we should get this in the next Beta so we can fix the subsystem. > Currently in the package 'org.wildfly.security.auth.provider' but they are not related to providers - security realms are not even loaded using a provider !! -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-379) New package name for realm implementations

by Darran Lofthouse (JIRA)

Darran Lofthouse created ELY-379: ------------------------------------ Summary: New package name for realm implementations Key: ELY-379 URL: https://issues.jboss.org/browse/ELY-379 Project: WildFly Elytron Issue Type: Task Components: Realms Reporter: Darran Lofthouse Priority: Blocker Fix For: 1.1.0.Beta3 Set to blocker as we should get this in the next Beta so we can fix the subsystem. Currently in the package 'org.wildfly.security.auth.provider' but they are not related to providers - security realms are not even loaded using a provider !! -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-200) Add a set of standard HTTP authentication mechanisms

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-200?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-200: --------------------------------- Fix Version/s: 1.1.0.Beta3 (was: 1.1.0.Beta2) > Add a set of standard HTTP authentication mechanisms > ---------------------------------------------------- > > Key: ELY-200 > URL: https://issues.jboss.org/browse/ELY-200 > Project: WildFly Elytron > Issue Type: Enhancement > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta3 > > > i.e. BASIC, DIGEST, CLENT_CERT, FORM (Generic), SPNEGO -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-181) Review JACC in Servlet and EJB subsystems

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-181?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-181: --------------------------------- Fix Version/s: 1.1.0.Beta3 (was: 1.1.0.Beta2) > Review JACC in Servlet and EJB subsystems > ----------------------------------------- > > Key: ELY-181 > URL: https://issues.jboss.org/browse/ELY-181 > Project: WildFly Elytron > Issue Type: Sub-task > Components: API / SPI > Reporter: Pedro Igor > Assignee: Pedro Igor > Fix For: 1.1.0.Beta3 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-153) Support DigestCredential with a specified realm name

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-153?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-153: --------------------------------- Fix Version/s: 1.1.0.Beta3 (was: 1.1.0.Beta2) > Support DigestCredential with a specified realm name > ---------------------------------------------------- > > Key: ELY-153 > URL: https://issues.jboss.org/browse/ELY-153 > Project: WildFly Elytron > Issue Type: Sub-task > Components: Passwords > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta3 > > > This would imply the password is retrievable and the realm associated by the authentication mechanism. > I see the following scenarios to be covered by this: - > - Realm that does not store pre-hashed and so is open to the mechanism providing the realm name. > - Realms where one or more realm names may be in use. > - One identity with multiple credentials each with a different realm. > - Different realms used for different identities but no more than one per identity. > If this is accomplished using a CallbackHandler then there are couple of Callback options: - > 1. getCredentialSupport on the realm, a RealmChoiceCallback can be used by a realm that advertises all the realm names it knows, where realm names are selected the response can take into account if all or some of the identities in that realm have a credential stored for that realm. > 2. getCredentialSupport on the realm can also support RealmCallback, in this case the mechanism specifies one realm name. > 3. These two can be repeated on the RealmIdentity, in that case however as a specific identity is being referenced the response can be much more specific. > 4. On getCredential the Callbacks can both be supported but in both cases can allow the selection of a single realm. > Another option could be an extension to RealmChoiceCallback that also indicates the level of support for each realm it contains. > Whilst exploring this, being able to identify the message digest algorithm support level should also be considered in parallel. > Also I see solving this as a simple pre-requisite for ELY-154 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-141) Add a Credential to Name Resolver SPI

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-141?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-141: --------------------------------- Fix Version/s: 1.1.0.Beta3 (was: 1.1.0.Beta2) > Add a Credential to Name Resolver SPI > ------------------------------------- > > Key: ELY-141 > URL: https://issues.jboss.org/browse/ELY-141 > Project: WildFly Elytron > Issue Type: Feature Request > Components: API / SPI > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta3 > > > We are predominantly considering this in the context of the validation side of the API. > However should still not exclude the possibility that after obtaining a RealmIdentity the validation may still be performed in the mechanism. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-53) GSSAPI Make Delegated Credential Available

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-53?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-53: -------------------------------- Fix Version/s: 1.1.0.Beta3 (was: 1.1.0.Beta2) > GSSAPI Make Delegated Credential Available > ------------------------------------------ > > Key: ELY-53 > URL: https://issues.jboss.org/browse/ELY-53 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SASL > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta3 > > > The server side of the mechanism can receive a delegated credential but there is no way to obtain it, we should provide a way for it to be obtained or provided. > _Note: This may be an Elytron integration point rather than something supported in the pure SASL mechanism._ -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-54) Support for stronger hashes as alternatives to MD5

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-54?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-54: -------------------------------- Fix Version/s: 1.1.0.Beta3 (was: 1.1.0.Beta2) > Support for stronger hashes as alternatives to MD5 > -------------------------------------------------- > > Key: ELY-54 > URL: https://issues.jboss.org/browse/ELY-54 > Project: WildFly Elytron > Issue Type: Feature Request > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta3 > > > Presently Digest authentication is based on MD5 - however we should either update the mechanism or add new mechanisms to support the use of stronger hashes. > As this library is used both client and server side installations that require the stronger hashes can just ensure the client and server have the latest version of this library - installations that still require interaction with MD5 will need to ensure that it is still available as a mechanism. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-355) HTTP Authentication Mechanism Testing

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-355?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-355: --------------------------------- Fix Version/s: 1.1.0.Beta3 (was: 1.1.0.Beta2) > HTTP Authentication Mechanism Testing > ------------------------------------- > > Key: ELY-355 > URL: https://issues.jboss.org/browse/ELY-355 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Testsuite > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta3 > > > We don't want to create a full HTTP server but we should have a sufficient wrapper to test the HTTP authentication framework and test out specific mechanims. > This will leave the Elytron Web project to smoke test integration and not focus on testing the actual mechanisms. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira November 2015