September 2015 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-293) Add file based auth to http management interface

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-293?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-293: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Add file based auth to http management interface > ------------------------------------------------ > > Key: ELY-293 > URL: https://issues.jboss.org/browse/ELY-293 > Project: WildFly Elytron > Issue Type: Feature Request > Components: HTTP > Reporter: Max Rydahl Andersen > Assignee: Darran Lofthouse > Fix For: 1.1.0.Alpha2 > > > usecase: allow clients using http api to use the file based auth so they do not have to rely on the binary protocol and remoting. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-268) Review how mechanisms meet HttpAuthenticator

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-268?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-268: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Review how mechanisms meet HttpAuthenticator > -------------------------------------------- > > Key: ELY-268 > URL: https://issues.jboss.org/browse/ELY-268 > Project: WildFly Elytron > Issue Type: Sub-task > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Alpha2 > > > The current implementation is using a Supplier<List<HttpServerAuthenticationMechanism>> when get is called on this Supplier a ServerAuthenticationContext needs to be created, then all possible mechanisms need to be queried before the list of mechanisms is created. > The HTTP Authenticator is created per request. API may be fine but we may need an easier way to provide all the mechanisms. > Will look at that one later once hot deployment is also considered fully. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-270) Support separated columns for salt and cost when using the PasswordKeyMapper

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-270?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-270: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Support separated columns for salt and cost when using the PasswordKeyMapper > ---------------------------------------------------------------------------- > > Key: ELY-270 > URL: https://issues.jboss.org/browse/ELY-270 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Realms > Affects Versions: 1.0.0.Alpha3 > Reporter: Pedro Igor > Assignee: Pedro Igor > Fix For: 1.1.0.Alpha2 > > > Currently, the ```PasswordKeyMapper``` is only supporting BCRYPT passwords if they are stored using the Modular Crypt format. > Should also be possible to map BCRYPT passwords using separated columns for hash, salt and cost. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-279) Support CORS

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-279?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-279: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Support CORS > ------------ > > Key: ELY-279 > URL: https://issues.jboss.org/browse/ELY-279 > Project: WildFly Elytron > Issue Type: Feature Request > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Alpha2 > > > This is something that can possibly be tied in around the HTTP authentication framework meaning that the control of this can live in the HTTP authentication policy within Elytron rather than at the front end. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-262) The equivalent of wrap and unwrap for HTTP authentication mechanisms

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-262?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-262: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > The equivalent of wrap and unwrap for HTTP authentication mechanisms > -------------------------------------------------------------------- > > Key: ELY-262 > URL: https://issues.jboss.org/browse/ELY-262 > Project: WildFly Elytron > Issue Type: Sub-task > Components: HTTP > Reporter: Darran Lofthouse > Fix For: 1.1.0.Alpha2 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-208) Update SASL mechanism testing to also be domain backed.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-208?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-208: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Update SASL mechanism testing to also be domain backed. > ------------------------------------------------------- > > Key: ELY-208 > URL: https://issues.jboss.org/browse/ELY-208 > Project: WildFly Elytron > Issue Type: Task > Components: Testsuite > Reporter: Darran Lofthouse > Assignee: Kabir Khan > Fix For: 1.1.0.Alpha2 > > > There may be a little bit more work required before this is possible but we need to ensure SASL mechanisms are also tested using a CallbackHandler they are likely to encounter which will really be the one from ServerAuthenticationContext. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-232) AuthorizeCallback shall be last

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-232?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-232: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > AuthorizeCallback shall be last > ------------------------------- > > Key: ELY-232 > URL: https://issues.jboss.org/browse/ELY-232 > Project: WildFly Elytron > Issue Type: Bug > Components: SASL > Reporter: David Lloyd > Fix For: 1.1.0.Alpha2 > > > Go through each SASL server mechanism and ensure that AuthorizeCallback is checked last (after credential/password verification, user name assignment, realm checks, etc.). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-251) More certain credential based mechanism selection.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-251?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-251: --------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > More certain credential based mechanism selection. > -------------------------------------------------- > > Key: ELY-251 > URL: https://issues.jboss.org/browse/ELY-251 > Project: WildFly Elytron > Issue Type: Task > Components: SASL > Reporter: Darran Lofthouse > Fix For: 1.1.0.Alpha2 > > > When filtering authentication mechanisms we need to really be able to offer two modes: - > 1 - Only offer a mech if we are sure it is supported. > Risks only offering a weaker mechanism in a mixed domain but also eliminates mechanisms that could fail for a valid user that just happens to have a different credential type. > 2- More general support. > i.e. offer the mechs that may be supported. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-54) Support for stronger hashes as alternatives to MD5

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-54?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-54: -------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Support for stronger hashes as alternatives to MD5 > -------------------------------------------------- > > Key: ELY-54 > URL: https://issues.jboss.org/browse/ELY-54 > Project: WildFly Elytron > Issue Type: Feature Request > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Alpha2 > > > Presently Digest authentication is based on MD5 - however we should either update the mechanism or add new mechanisms to support the use of stronger hashes. > As this library is used both client and server side installations that require the stronger hashes can just ensure the client and server have the latest version of this library - installations that still require interaction with MD5 will need to ensure that it is still available as a mechanism. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-95) Password types should generate a salt if none is given

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-95?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-95: -------------------------------- Fix Version/s: 1.1.0.Alpha2 (was: 1.1.0.Alpha1) > Password types should generate a salt if none is given > ------------------------------------------------------ > > Key: ELY-95 > URL: https://issues.jboss.org/browse/ELY-95 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Passwords > Reporter: David Lloyd > Fix For: 1.1.0.Alpha2 > > > Password types such as {{crypt-md5}} should be able to generate a password from a {{ClearPasswordSpec}} by generating a simple random salt. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

10 years, 7 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira September 2015