[GSS][7.2.2] HTTP External Security Not Supported by Elytron ------------------------------------------------------------ Key: ELYWEB-99 URL: https://issues.redhat.com/browse/ELYWEB-99 Project: Elytron Web Issue Type: Feature Request Reporter: Ashley Abdel-Sayed Assignee: Ashley Abdel-Sayed Priority: Major Fix For: 1.8.0.Final For legacy security, there's an EXTERNAL HTTP authentication mechanism (io.undertow.security.impl.ExternalAuthenticationMechanism) which performs no verification and simply uses the principal that was passed from the REMOTE_USER attribute by the AJP protocol. There is a "ClientLoginModule" in legacy security used as such: https://access.redhat.com/solutions/3465231. It is a requirement to add an equivalent of this EXTERNAL mechanism available in legacy and Elytron-SASL for Elytron-HTTP in order to migrate away from legacy security.