June 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-36) Server Authentication Context Lifecycle

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-36?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse resolved ELY-36. --------------------------------- Resolution: Out of Date > Server Authentication Context Lifecycle > --------------------------------------- > > Key: ELY-36 > URL: https://issues.jboss.org/browse/ELY-36 > Project: WildFly Elytron > Issue Type: Task > Components: API / SPI > Reporter: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > The authentication context is used with a sequence of calls during the authentication process, this task is to look into how we can apply a lifecycle to that so that appropriate clean up can be performed. > This could be closely related to ELY-35 which specifically looks at outcome notification. > When considering a lifecycle I think we have two key events to think about, the most natural one being once the authentication process is complete regardless of outcome - however should also consider intermediate responses going back to the client - we do not want to be holding onto expensive resources once we pass control back to the client as that risks a Dos based attack. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (ELY-31) Authentication and establishment of IdentityContext based on authorization ID.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-31?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse resolved ELY-31. --------------------------------- Resolution: Out of Date > Authentication and establishment of IdentityContext based on authorization ID. > ------------------------------------------------------------------------------ > > Key: ELY-31 > URL: https://issues.jboss.org/browse/ELY-31 > Project: WildFly Elytron > Issue Type: Sub-task > Components: Testsuite > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > This may be our most critical scenario, ELY-30 is really a simplification of this one. > Being able to establish an identity as a different user is a key feature we are looking to achieve as this is going to be a fundamental requirement for the identity switching and propagation capabilities. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (ELY-56) Bridge Compatibility Between Existing SASL Mechanisms and Factories and Elytron

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-56?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse resolved ELY-56. --------------------------------- Resolution: Out of Date > Bridge Compatibility Between Existing SASL Mechanisms and Factories and Elytron > ------------------------------------------------------------------------------- > > Key: ELY-56 > URL: https://issues.jboss.org/browse/ELY-56 > Project: WildFly Elytron > Issue Type: Task > Reporter: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > To be designed. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (ELY-54) Support for stronger hashes as alternatives to MD5

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-54?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-54: -------------------------------- Fix Version/s: 1.2.0.Beta1 (was: 1.1.0.CR2) > Support for stronger hashes as alternatives to MD5 > -------------------------------------------------- > > Key: ELY-54 > URL: https://issues.jboss.org/browse/ELY-54 > Project: WildFly Elytron > Issue Type: Feature Request > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.2.0.Beta1 > > > Presently Digest authentication is based on MD5 - however we should either update the mechanism or add new mechanisms to support the use of stronger hashes. > As this library is used both client and server side installations that require the stronger hashes can just ensure the client and server have the latest version of this library - installations that still require interaction with MD5 will need to ensure that it is still available as a mechanism. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (ELY-42) Vault

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-42?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse commented on ELY-42: ------------------------------------- [~pskopek] I assume this one can be resolved? > Vault > ----- > > Key: ELY-42 > URL: https://issues.jboss.org/browse/ELY-42 > Project: WildFly Elytron > Issue Type: Feature Request > Components: API / SPI > Reporter: Darran Lofthouse > Assignee: Peter Skopek > Fix For: 1.1.0.CR2 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (ELY-60) Update the local authentication mechanism to allow permissions to be specified for the challenge file.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-60?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-60: -------------------------------- Fix Version/s: 1.2.0.Beta1 (was: 1.1.0.CR2) > Update the local authentication mechanism to allow permissions to be specified for the challenge file. > ------------------------------------------------------------------------------------------------------ > > Key: ELY-60 > URL: https://issues.jboss.org/browse/ELY-60 > Project: WildFly Elytron > Issue Type: Task > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.2.0.Beta1 > > > (This would include switching to a dependency on Java 7 server side at least) -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (ELY-65) Verify client dependencies are minimal

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-65?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse resolved ELY-65. --------------------------------- Resolution: Rejected > Verify client dependencies are minimal > -------------------------------------- > > Key: ELY-65 > URL: https://issues.jboss.org/browse/ELY-65 > Project: WildFly Elytron > Issue Type: Task > Reporter: Darran Lofthouse > Fix For: 1.1.0.CR2 > > > i.e. don't bring in all of Elytron -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (ELY-63) Pluggable nonce handling strategy

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-63?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-63: -------------------------------- Fix Version/s: 1.2.0.Beta1 (was: 1.1.0.CR2) > Pluggable nonce handling strategy > --------------------------------- > > Key: ELY-63 > URL: https://issues.jboss.org/browse/ELY-63 > Project: WildFly Elytron > Issue Type: Task > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.2.0.Beta1 > > > Implement a pluggable nonce handling strategy. > At the very least we need to be able to switch to using a SecureRandom instead of Random. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (ELY-91) Unify mechanism selection and fix the tests

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-91?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse resolved ELY-91. --------------------------------- Resolution: Out of Date > Unify mechanism selection and fix the tests > ------------------------------------------- > > Key: ELY-91 > URL: https://issues.jboss.org/browse/ELY-91 > Project: WildFly Elytron > Issue Type: Task > Reporter: Peter Skopek > Assignee: Peter Skopek > Fix For: 1.1.0.CR2 > > > Unify mechanism selection and fix the tests -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

[JBoss JIRA] (ELY-88) Command line utilities

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-88?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse updated ELY-88: -------------------------------- Fix Version/s: 1.2.0.Beta1 (was: 1.1.0.CR2) > Command line utilities > ---------------------- > > Key: ELY-88 > URL: https://issues.jboss.org/browse/ELY-88 > Project: WildFly Elytron > Issue Type: Feature Request > Reporter: David Lloyd > Assignee: Peter Skopek > Fix For: 1.2.0.Beta1 > > > We should provide easy-to-use command line tools from the Elytron JAR as a main class that provide useful functions to users like: > * Creating password hashes > * Creating certificates and certificate requests > * Creating key pairs of various types > * Managing key stores (everything keytool does) > * Get the library version -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 6 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira June 2017