[JBoss JIRA] (ELY-387) Override, rather than supplement, name rewriters from mech configs
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-387?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-387:
---------------------------------
Fix Version/s: 1.1.0.Beta4
(was: 1.1.0.Beta3)
> Override, rather than supplement, name rewriters from mech configs
> ------------------------------------------------------------------
>
> Key: ELY-387
> URL: https://issues.jboss.org/browse/ELY-387
> Project: WildFly Elytron
> Issue Type: Task
> Components: API / SPI
> Reporter: David Lloyd
> Assignee: David Lloyd
> Fix For: 1.1.0.Beta4
>
>
> Supplementing causes a lot of complexity, not least of which revolves around the fact that the user cannot change the order in which the 9 (!) rewriters run.
> Instead go back to the three-stage system, but let mech & mech realm configurations override each stage. The user can use delegation or copying to restore supplementary behavior.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 7 months
[JBoss JIRA] (ELY-383) Update ServerAuthenticationContext to carry an identity from start to end
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-383?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-383:
---------------------------------
Fix Version/s: 1.1.0.Beta4
(was: 1.1.0.Beta3)
> Update ServerAuthenticationContext to carry an identity from start to end
> -------------------------------------------------------------------------
>
> Key: ELY-383
> URL: https://issues.jboss.org/browse/ELY-383
> Project: WildFly Elytron
> Issue Type: Task
> Components: API / SPI
> Reporter: David Lloyd
> Assignee: David Lloyd
> Fix For: 1.1.0.Beta4
>
> Attachments: Blank Flowchart - ServerAuthenticationContext.png
>
>
> The {{ServerAuthenticationContext}} should capture the identity in force for its domain when it is constructed. Any authorization attempt should always apply to the current identity - either the captured identity, or whatever the last successfully authorized identity was in the context.
> The attached state diagram should accurately summarize how authorization identity flows through. Authentication identity is only available during the "NAME ASSIGNED" state; once authorization occurs, the authentication identity is no longer useful and is disposed.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 7 months
[JBoss JIRA] (WFCORE-1228) Follow up on WFCORE-1202 and make the configuration available in the management model.
by Darran Lofthouse (JIRA)
Darran Lofthouse created WFCORE-1228:
----------------------------------------
Summary: Follow up on WFCORE-1202 and make the configuration available in the management model.
Key: WFCORE-1228
URL: https://issues.jboss.org/browse/WFCORE-1228
Project: WildFly Core
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Fix For: 3.0.0.Alpha1
WFCORE-1102 makes use of a system property for configuration, this needs moving into the management model.
The system property should remain supported for backwards compatibility for those migrating from servers that relied on it.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years, 7 months