August 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-154) Session based DigestCredential support

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-154?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-154: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > Session based DigestCredential support > -------------------------------------- > > Key: ELY-154 > URL: https://issues.jboss.org/browse/ELY-154 > Project: WildFly Elytron > Issue Type: Sub-task > Components: Passwords > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta9 > > > DigestCredential but where additional information is included such as nonce and cnonce to create a credential applicable to a session. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-572) Update the GSSAPI SASL mechanism to use the ServerCredentialCallback(GSSCredentialCredential.class)

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-572?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-572: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > Update the GSSAPI SASL mechanism to use the ServerCredentialCallback(GSSCredentialCredential.class) > --------------------------------------------------------------------------------------------------- > > Key: ELY-572 > URL: https://issues.jboss.org/browse/ELY-572 > Project: WildFly Elytron > Issue Type: Bug > Components: SASL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 1.1.0.Beta9 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-262) The equivalent of wrap and unwrap for HTTP authentication mechanisms

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-262?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-262: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > The equivalent of wrap and unwrap for HTTP authentication mechanisms > -------------------------------------------------------------------- > > Key: ELY-262 > URL: https://issues.jboss.org/browse/ELY-262 > Project: WildFly Elytron > Issue Type: Sub-task > Components: HTTP > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta9 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-257) Allow usage of properties to configure sasl server factories

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-257?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-257: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > Allow usage of properties to configure sasl server factories > ------------------------------------------------------------ > > Key: ELY-257 > URL: https://issues.jboss.org/browse/ELY-257 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SASL > Reporter: Kabir Khan > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 1.1.0.Beta9 > > > There is some discussion on https://github.com/wildfly-security/wildfly-elytron/pull/264. In this case the issue is that we have a ChannelBindingSaslServerFactory (and same for client) which provides a callback handler to deal with the channel binding callbacks needed by Gs2SaslServerFactory and Gs2SaslClientFactory. This is fine for when people create their own SaslServerFactory, and use that to create a SaslServer. > However, if they want to call Sasl.createServer()/.createClient() they need to provide their own callback handler to deal with the channel binding types. > One option would be to allow the usage of properties for this configuration needed by the factories. > However, having slept on it, the callback handler passed in to Sasl.createXXX() would need to handle all callbacks. Is there a way to get a 'real' callback handler for a user wishing to instantiate clients/servers this way? Or is the intent that they have to write their own CBH? -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-251) More certain credential based mechanism selection.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-251?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-251: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > More certain credential based mechanism selection. > -------------------------------------------------- > > Key: ELY-251 > URL: https://issues.jboss.org/browse/ELY-251 > Project: WildFly Elytron > Issue Type: Task > Components: SASL > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta9 > > > When filtering authentication mechanisms we need to really be able to offer two modes: - > 1 - Only offer a mech if we are sure it is supported. > Risks only offering a weaker mechanism in a mixed domain but also eliminates mechanisms that could fail for a valid user that just happens to have a different credential type. > 2- More general support. > i.e. offer the mechs that may be supported. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-53) GSSAPI Make Delegated Credential Available

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-53?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-53: -------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > GSSAPI Make Delegated Credential Available > ------------------------------------------ > > Key: ELY-53 > URL: https://issues.jboss.org/browse/ELY-53 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SASL > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta9 > > > The server side of the mechanism can receive a delegated credential but there is no way to obtain it, we should provide a way for it to be obtained or provided. > _Note: This may be an Elytron integration point rather than something supported in the pure SASL mechanism._ -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-214) Add support for OpenSSL-style key and certificate files

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-214?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-214: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > Add support for OpenSSL-style key and certificate files > ------------------------------------------------------- > > Key: ELY-214 > URL: https://issues.jboss.org/browse/ELY-214 > Project: WildFly Elytron > Issue Type: Enhancement > Components: KeyStores > Reporter: David Lloyd > Assignee: Pedro Igor > Fix For: 1.1.0.Beta9 > > > Do the following: > * Research the various supported key and cert file formats supported by OpenSSL > * Determine what the JSSE equivalent is of each, if any > * Add {{KeyStore}} support for keys of any type or format which is not supported by JSSE -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-208) Update SASL mechanism testing to also be domain backed.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-208?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-208: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > Update SASL mechanism testing to also be domain backed. > ------------------------------------------------------- > > Key: ELY-208 > URL: https://issues.jboss.org/browse/ELY-208 > Project: WildFly Elytron > Issue Type: Task > Components: Testsuite > Reporter: Darran Lofthouse > Assignee: Kabir Khan > Fix For: 1.1.0.Beta9 > > > There may be a little bit more work required before this is possible but we need to ensure SASL mechanisms are also tested using a CallbackHandler they are likely to encounter which will really be the one from ServerAuthenticationContext. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-286) HTTP Digest Authentication

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-286?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-286: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > HTTP Digest Authentication > -------------------------- > > Key: ELY-286 > URL: https://issues.jboss.org/browse/ELY-286 > Project: WildFly Elytron > Issue Type: Sub-task > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta9 > > > Original Digest RFC [https://tools.ietf.org/html/rfc2069] > Current Digest RFC [https://tools.ietf.org/html/rfc2617] > HTTP 1.1 Authentication (Updates RFC2617) [https://tools.ietf.org/html/rfc7235] > Draft currently under discussion - [https://datatracker.ietf.org/doc/draft-ietf-httpauth-digest/] > RFC7616 Now Proposed Standard > "HTTP Digest Access Authentication", September 2015 > [https://www.rfc-editor.org/info/rfc7616] -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-422) Default SSLContext?

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-422?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-422: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > Default SSLContext? > ------------------- > > Key: ELY-422 > URL: https://issues.jboss.org/browse/ELY-422 > Project: WildFly Elytron > Issue Type: Task > Components: SSL > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta9 > > > We know we want one, what we don't know is exactly that it means and is it an Elytron concern or subsystem concern. > One issue is within Elytron our SSLContext implementations are either server side specific or client side specific - we may even want to review if there is any way to review what it is being used for and act accordingly. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira August 2016