[JBoss JIRA] (ELY-261) Rework (and move) UsernamePasswordHashUtil
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-261?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-261:
---------------------------------
Fix Version/s: 1.1.0.Beta7
(was: 1.1.0.Beta6)
> Rework (and move) UsernamePasswordHashUtil
> ------------------------------------------
>
> Key: ELY-261
> URL: https://issues.jboss.org/browse/ELY-261
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: API / SPI, Passwords
> Reporter: Darran Lofthouse
> Fix For: 1.1.0.Beta7
>
>
> Firstly this class is not really SASL specific so should be in a general util package.
> Secondly we now have password specs and a PasswordFactory - if this class still has a future then maybe it should be using those instead of it's own custom implementation.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years
[JBoss JIRA] (ELY-257) Allow usage of properties to configure sasl server factories
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-257?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-257:
---------------------------------
Fix Version/s: 1.1.0.Beta7
(was: 1.1.0.Beta6)
> Allow usage of properties to configure sasl server factories
> ------------------------------------------------------------
>
> Key: ELY-257
> URL: https://issues.jboss.org/browse/ELY-257
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: SASL
> Reporter: Kabir Khan
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 1.1.0.Beta7
>
>
> There is some discussion on https://github.com/wildfly-security/wildfly-elytron/pull/264. In this case the issue is that we have a ChannelBindingSaslServerFactory (and same for client) which provides a callback handler to deal with the channel binding callbacks needed by Gs2SaslServerFactory and Gs2SaslClientFactory. This is fine for when people create their own SaslServerFactory, and use that to create a SaslServer.
> However, if they want to call Sasl.createServer()/.createClient() they need to provide their own callback handler to deal with the channel binding types.
> One option would be to allow the usage of properties for this configuration needed by the factories.
> However, having slept on it, the callback handler passed in to Sasl.createXXX() would need to handle all callbacks. Is there a way to get a 'real' callback handler for a user wishing to instantiate clients/servers this way? Or is the intent that they have to write their own CBH?
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years
[JBoss JIRA] (ELY-251) More certain credential based mechanism selection.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-251?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-251:
---------------------------------
Fix Version/s: 1.1.0.Beta7
(was: 1.1.0.Beta6)
> More certain credential based mechanism selection.
> --------------------------------------------------
>
> Key: ELY-251
> URL: https://issues.jboss.org/browse/ELY-251
> Project: WildFly Elytron
> Issue Type: Task
> Components: SASL
> Reporter: Darran Lofthouse
> Fix For: 1.1.0.Beta7
>
>
> When filtering authentication mechanisms we need to really be able to offer two modes: -
> 1 - Only offer a mech if we are sure it is supported.
> Risks only offering a weaker mechanism in a mixed domain but also eliminates mechanisms that could fail for a valid user that just happens to have a different credential type.
> 2- More general support.
> i.e. offer the mechs that may be supported.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years
[JBoss JIRA] (ELY-428) HTTP Mechanism configuration during deployment
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-428?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-428:
---------------------------------
Fix Version/s: 1.1.0.Beta7
(was: 1.1.0.Beta6)
> HTTP Mechanism configuration during deployment
> ----------------------------------------------
>
> Key: ELY-428
> URL: https://issues.jboss.org/browse/ELY-428
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: HTTP
> Affects Versions: 1.0.2.Final
> Reporter: Pedro Igor
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 1.1.0.Beta7
>
>
> It should be possible to configure a HTTP mechanism during deployment in order to parse/load configuration and reuse it in subsequent requests to an application.
> The most common use case for that is around mechanisms that need to read some configuration from inside a deployment (or provided by the mech config) when it is being deployed to the server.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years
[JBoss JIRA] (ELY-422) Default SSLContext?
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-422?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-422:
---------------------------------
Fix Version/s: 1.1.0.Beta7
(was: 1.1.0.Beta6)
> Default SSLContext?
> -------------------
>
> Key: ELY-422
> URL: https://issues.jboss.org/browse/ELY-422
> Project: WildFly Elytron
> Issue Type: Task
> Components: SSL
> Reporter: Darran Lofthouse
> Fix For: 1.1.0.Beta7
>
>
> We know we want one, what we don't know is exactly that it means and is it an Elytron concern or subsystem concern.
> One issue is within Elytron our SSLContext implementations are either server side specific or client side specific - we may even want to review if there is any way to review what it is being used for and act accordingly.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
10 years