[JBoss JIRA] (ELY-53) GSSAPI Make Delegated Credential Available
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-53?page=com.atlassian.jira.plugin.sys... ]
Darran Lofthouse updated ELY-53:
--------------------------------
Fix Version/s: 1.1.0.Beta41
(was: 1.1.0.Beta39)
> GSSAPI Make Delegated Credential Available
> ------------------------------------------
>
> Key: ELY-53
> URL: https://issues.jboss.org/browse/ELY-53
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: SASL
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.1.0.Beta41
>
>
> The server side of the mechanism can receive a delegated credential but there is no way to obtain it, we should provide a way for it to be obtained or provided.
> _Note: This may be an Elytron integration point rather than something supported in the pure SASL mechanism._
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years
[JBoss JIRA] (ELY-261) Rework (and move) UsernamePasswordHashUtil
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-261?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-261:
---------------------------------
Fix Version/s: 1.1.0.Beta41
(was: 1.1.0.Beta39)
> Rework (and move) UsernamePasswordHashUtil
> ------------------------------------------
>
> Key: ELY-261
> URL: https://issues.jboss.org/browse/ELY-261
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: API / SPI, Passwords
> Reporter: Darran Lofthouse
> Fix For: 1.1.0.Beta41
>
>
> Firstly this class is not really SASL specific so should be in a general util package.
> Secondly we now have password specs and a PasswordFactory - if this class still has a future then maybe it should be using those instead of it's own custom implementation.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years
[JBoss JIRA] (ELY-151) Ability to supply additional information during credential acquisition
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-151?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-151:
---------------------------------
Fix Version/s: 1.1.0.Beta41
(was: 1.1.0.Beta39)
> Ability to supply additional information during credential acquisition
> ----------------------------------------------------------------------
>
> Key: ELY-151
> URL: https://issues.jboss.org/browse/ELY-151
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: API / SPI, Passwords
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.1.0.Beta41
>
>
> I think this is the final known gap in our credential acquisition and validation API/SPI.
> There are a couple of specifications that also allow for additional information to be used when obtaining a representation of a users credential, the most obvious being the session based variant of digest authentication where a nonce and cnonce are also incorporated.
> A second variant with two different modes of operation would be the realm associated with the digest credential, currently we assume it is tightly associated with the storage representation of the credential but it could also be the case that the mech is requesting it for a specific realm.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years
[JBoss JIRA] (ELY-251) More certain credential based mechanism selection.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-251?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-251:
---------------------------------
Fix Version/s: 1.1.0.Beta41
(was: 1.1.0.Beta39)
> More certain credential based mechanism selection.
> --------------------------------------------------
>
> Key: ELY-251
> URL: https://issues.jboss.org/browse/ELY-251
> Project: WildFly Elytron
> Issue Type: Task
> Components: SASL
> Reporter: Darran Lofthouse
> Fix For: 1.1.0.Beta41
>
>
> When filtering authentication mechanisms we need to really be able to offer two modes: -
> 1 - Only offer a mech if we are sure it is supported.
> Risks only offering a weaker mechanism in a mixed domain but also eliminates mechanisms that could fail for a valid user that just happens to have a different credential type.
> 2- More general support.
> i.e. offer the mechs that may be supported.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years