July 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-444) AuthorizationIdentity and PermissionMapper

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-444?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-444: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > AuthorizationIdentity and PermissionMapper > ------------------------------------------ > > Key: ELY-444 > URL: https://issues.jboss.org/browse/ELY-444 > Project: WildFly Elytron > Issue Type: Enhancement > Components: API / SPI, Realms > Reporter: David Lloyd > Fix For: 1.1.0.Beta8 > > > When we initially designed the PermissionMapper we went to certain lengths to avoid exposing details of the realm. But now as the API has evolved it is clear that the permission mapper will need access to more information. The AuthorizationIdentity (or perhaps another object which includes the AuthorizationIdentity) should be made available to the permission mapper. > In addition, this object could be expanded to include more information about the authentication, for example mechanism-specific information, which can feed into the authorization decision and could be useful for other things. Examples include: authentication timestamp, mechanism name/kind, forwarding credentials, and other attributes which derive from the mechanism as opposed to the identity. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-443) Update KeyStore backed security realm to iterate it's entries to attempt to find a matching alias for the evidence.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-443?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-443: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > Update KeyStore backed security realm to iterate it's entries to attempt to find a matching alias for the evidence. > ------------------------------------------------------------------------------------------------------------------- > > Key: ELY-443 > URL: https://issues.jboss.org/browse/ELY-443 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Realms > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta8 > > > Ideally an EvidenceDecoder would have been used up front but as this is technically possible to implement we should do so. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-433) Support verification of a users certificate against an LDAP Server

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-433?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-433: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > Support verification of a users certificate against an LDAP Server > ------------------------------------------------------------------ > > Key: ELY-433 > URL: https://issues.jboss.org/browse/ELY-433 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Realms, SSL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta8 > > > This is specifically for authentication - NOT for general TrustManager requirements - another Jira issue is tracking looking into a KeyStore implementation backed by LDAP. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-439) Client Cert authentication using certificate passed from a proxy

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-439?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-439: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > Client Cert authentication using certificate passed from a proxy > ---------------------------------------------------------------- > > Key: ELY-439 > URL: https://issues.jboss.org/browse/ELY-439 > Project: WildFly Elytron > Issue Type: Feature Request > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta8 > > > Undertow contains a feature where by the Proxy server can handle SSL and pass the certificate chain to Undertow - this is then used for the actual client cert authentication. > We need to cover this type of scenario within our generic HTTP authentication framework. > We could further wrap the SSLSession in a similar way Undertow does - or we could make the chain availbale as a fall back. > Related to this we also need to work on the different attachment contexts, that may affect how we consider SSLSession attachments. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-441) LDAP and GSSAPI tests are very slow

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-441?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-441: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > LDAP and GSSAPI tests are very slow > ----------------------------------- > > Key: ELY-441 > URL: https://issues.jboss.org/browse/ELY-441 > Project: WildFly Elytron > Issue Type: Task > Components: Testsuite > Reporter: David Lloyd > Assignee: Darran Lofthouse > Priority: Minor > Fix For: 1.1.0.Beta8 > > > The LDAP and GSSAPI tests are very slow, which slows down the devel/build/test cycle fairly substantially. See if there is a way to reduce the overhead of these tests. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-432) Support setEnableSessionCreation on ServerSSLContextBuilder

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-432?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-432: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > Support setEnableSessionCreation on ServerSSLContextBuilder > ----------------------------------------------------------- > > Key: ELY-432 > URL: https://issues.jboss.org/browse/ELY-432 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SSL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta8 > > > It is already possible to configure this one for XNIO and Undertow so we should add this config option to our own builder. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-430) Add HostnameVerifier implementation

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-430?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-430: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > Add HostnameVerifier implementation > ----------------------------------- > > Key: ELY-430 > URL: https://issues.jboss.org/browse/ELY-430 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SSL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta8 > > > We should at the very least have a sensible default implementation checking the certificate against the host name. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-467) Integrate CredentialStore with mechanism configuration so mechanisms can obtain the credentials they require.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-467?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-467: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > Integrate CredentialStore with mechanism configuration so mechanisms can obtain the credentials they require. > ------------------------------------------------------------------------------------------------------------- > > Key: ELY-467 > URL: https://issues.jboss.org/browse/ELY-467 > Project: WildFly Elytron > Issue Type: Feature Request > Components: API / SPI, Credential Store > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta8 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-457) SASL SAML Authentication Mechanism

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-457?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-457: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > SASL SAML Authentication Mechanism > ---------------------------------- > > Key: ELY-457 > URL: https://issues.jboss.org/browse/ELY-457 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SASL > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta8 > > > https://tools.ietf.org/html/rfc6595 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-455) OAuth2 Credential Store

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-455?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-455: --------------------------------- Fix Version/s: 1.1.0.Beta8 (was: 1.1.0.Beta7) > OAuth2 Credential Store > ----------------------- > > Key: ELY-455 > URL: https://issues.jboss.org/browse/ELY-455 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Credential Store > Reporter: David Lloyd > Fix For: 1.1.0.Beta8 > > > Need an OAuth2 credential store which can acquire a cached OAuth2 token or instigate a new authentication. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira July 2016