June 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-251) More certain credential based mechanism selection.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-251?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-251: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > More certain credential based mechanism selection. > -------------------------------------------------- > > Key: ELY-251 > URL: https://issues.jboss.org/browse/ELY-251 > Project: WildFly Elytron > Issue Type: Task > Components: SASL > Reporter: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > When filtering authentication mechanisms we need to really be able to offer two modes: - > 1 - Only offer a mech if we are sure it is supported. > Risks only offering a weaker mechanism in a mixed domain but also eliminates mechanisms that could fail for a valid user that just happens to have a different credential type. > 2- More general support. > i.e. offer the mechs that may be supported. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-452) CSIv2 Integration

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-452?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-452: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > CSIv2 Integration > ----------------- > > Key: ELY-452 > URL: https://issues.jboss.org/browse/ELY-452 > Project: WildFly Elytron > Issue Type: Feature Request > Components: API / SPI > Reporter: Darran Lofthouse > Fix For: 1.1.0.CR2 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-447) SSLContext that can be registered as the default and differentiate between client and server.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-447?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-447: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > SSLContext that can be registered as the default and differentiate between client and server. > --------------------------------------------------------------------------------------------- > > Key: ELY-447 > URL: https://issues.jboss.org/browse/ELY-447 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SSL > Reporter: Darran Lofthouse > Fix For: 1.1.0.CR2 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-443) Update KeyStore backed security realm to iterate it's entries to attempt to find a matching alias for the evidence.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-443?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-443: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > Update KeyStore backed security realm to iterate it's entries to attempt to find a matching alias for the evidence. > ------------------------------------------------------------------------------------------------------------------- > > Key: ELY-443 > URL: https://issues.jboss.org/browse/ELY-443 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Realms > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > Ideally an EvidenceDecoder would have been used up front but as this is technically possible to implement we should do so. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-439) Client Cert authentication using certificate passed from a proxy

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-439?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-439: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > Client Cert authentication using certificate passed from a proxy > ---------------------------------------------------------------- > > Key: ELY-439 > URL: https://issues.jboss.org/browse/ELY-439 > Project: WildFly Elytron > Issue Type: Feature Request > Components: HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > Undertow contains a feature where by the Proxy server can handle SSL and pass the certificate chain to Undertow - this is then used for the actual client cert authentication. > We need to cover this type of scenario within our generic HTTP authentication framework. > We could further wrap the SSLSession in a similar way Undertow does - or we could make the chain availbale as a fall back. > Related to this we also need to work on the different attachment contexts, that may affect how we consider SSLSession attachments. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-432) Support setEnableSessionCreation on ServerSSLContextBuilder

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-432?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-432: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > Support setEnableSessionCreation on ServerSSLContextBuilder > ----------------------------------------------------------- > > Key: ELY-432 > URL: https://issues.jboss.org/browse/ELY-432 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SSL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > It is already possible to configure this one for XNIO and Undertow so we should add this config option to our own builder. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-430) Add HostnameVerifier implementation

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-430?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-430: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > Add HostnameVerifier implementation > ----------------------------------- > > Key: ELY-430 > URL: https://issues.jboss.org/browse/ELY-430 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SSL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > We should at the very least have a sensible default implementation checking the certificate against the host name. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-422) Default SSLContext?

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-422?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-422: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > Default SSLContext? > ------------------- > > Key: ELY-422 > URL: https://issues.jboss.org/browse/ELY-422 > Project: WildFly Elytron > Issue Type: Task > Components: SSL > Reporter: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > We know we want one, what we don't know is exactly that it means and is it an Elytron concern or subsystem concern. > One issue is within Elytron our SSLContext implementations are either server side specific or client side specific - we may even want to review if there is any way to review what it is being used for and act accordingly. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-355) HTTP Authentication Mechanism Testing

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-355?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-355: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > HTTP Authentication Mechanism Testing > ------------------------------------- > > Key: ELY-355 > URL: https://issues.jboss.org/browse/ELY-355 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Testsuite > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > We don't want to create a full HTTP server but we should have a sufficient wrapper to test the HTTP authentication framework and test out specific mechanims. > This will leave the Elytron Web project to smoke test integration and not focus on testing the actual mechanisms. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

[JBoss JIRA] (ELY-572) Update the GSSAPI SASL mechanism to use the ServerCredentialCallback(GSSCredentialCredential.class)

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-572?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-572: --------------------------------- Fix Version/s: 1.1.0.CR2 (was: 1.1.0.CR1) > Update the GSSAPI SASL mechanism to use the ServerCredentialCallback(GSSCredentialCredential.class) > --------------------------------------------------------------------------------------------------- > > Key: ELY-572 > URL: https://issues.jboss.org/browse/ELY-572 > Project: WildFly Elytron > Issue Type: Bug > Components: SASL > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 1.1.0.CR2 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 10 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira June 2017