[JBoss JIRA] (ELY-1030) Move TokenSecurityRealm to org.wildfly.security.auth.realm package
by Pedro Igor (JIRA)
[ https://issues.jboss.org/browse/ELY-1030?page=com.atlassian.jira.plugin.s... ]
Pedro Igor commented on ELY-1030:
---------------------------------
I would keep it as is. We can not make them default visibility as they can be used as an API when configuring the token realm itself.
> Move TokenSecurityRealm to org.wildfly.security.auth.realm package
> ------------------------------------------------------------------
>
> Key: ELY-1030
> URL: https://issues.jboss.org/browse/ELY-1030
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Realms
> Reporter: Darran Lofthouse
> Assignee: Pedro Igor
> Priority: Critical
> Fix For: 1.1.0.Beta53
>
>
> The LDAP and JDBC realms have their own package as they have quite a few utility and configuration classes, the token realm only has one so I don't think we really need this one to be in it'own realm.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (ELY-1029) Support clients that provide an optional CallbackHandler
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-1029?page=com.atlassian.jira.plugin.s... ]
Darran Lofthouse resolved ELY-1029.
-----------------------------------
Resolution: Out of Date
Configuration is already taken into account.
> Support clients that provide an optional CallbackHandler
> --------------------------------------------------------
>
> Key: ELY-1029
> URL: https://issues.jboss.org/browse/ELY-1029
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Authentication Client
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Blocker
> Fix For: 1.1.0.Beta53
>
>
> Clients such as the WildFly CLI provide a CallbackHandler implementation in case it is needed and not as a sign that it must be used, i.e. the desired outcome is that if the information required can be obtained from the configuration then authentication proceeds without interaction with the end user.
> Neither the CLI or the end user should be required to be fully aware of the underlying security configuration.
> This is similar to web browser HTTP authentication where there is only an interaction with the user if actually required.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month