[
https://issues.jboss.org/browse/AS7-4676?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse commented on AS7-4676:
---------------------------------------
I am going to keep this open to still consider further but you may be able to achieve this
with the plug-in mechanism just added to AS 7.1.2
When working with the plug-ins you could implement an authorization plug-in to load the
role information after the certificate based authentication has completed - the plug-in
could then throw a RuntimeException if appropriate roles are not found in LDAP.
Support Password Stacking for Domain HTTP Server
------------------------------------------------
Key: AS7-4676
URL:
https://issues.jboss.org/browse/AS7-4676
Project: Application Server 7
Issue Type: Feature Request
Components: Domain Management, Security
Reporter: Jess Sightler
Assignee: Darran Lofthouse
Fix For: 7.2.0.Alpha1
Our clients need the ability to restrict logins by client certificate, and by a role
stored within an LDAP server. Ideally, the system would support some form of
password-stacking feature to allow access based upon a combination of authentication
systems.
Cf,
http://docs.jboss.org/jbossas/docs/Server_Configuration_Guide/4/html/Usin...
for how this is implemented in existing EAP5 installations.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see:
http://www.atlassian.com/software/jira