[JBoss JIRA] (ELY-927) Pass additional information to Elytron Realm getCredential method

Tuesday, 7 February 2017

    [
https://issues.jboss.org/browse/ELY-927?page=com.atlassian.jira.plugin.sy...
] 

Darran Lofthouse commented on ELY-927:
--------------------------------------

Also we may still have some cases where we want to pass additional information from the
mech to the realm.  We can use a specific credential type for the result but we still
can't get the additional information into the RealmIdenty.

As an example session based Digest needs the nonce passing over.  The purpose of this is
we can make a remote call to obtain a credential representation valid only for this
session, even if the heap was compromised the credential instances on the heap would only
be valid for a specific session and could not be used for new sessions.

...
 Pass additional information to Elytron Realm getCredential method
 -----------------------------------------------------------------

                 Key: ELY-927
                 URL: https://issues.jboss.org/browse/ELY-927
             Project: WildFly Elytron
          Issue Type: Bug
            Reporter: Josef Cacek
            Assignee: Darran Lofthouse

 There should be a possibility to retrieve additional information (e.g. Digest Realm name)
in the realms when calling {{getCredential}} method. Currently such info has to be
provided (duplicated) in the realm configuration.
 This issue is created as follow up for JBEAP-6003. See [this
comment|https://issues.jboss.org/browse/JBEAP-6003?focusedCommentId=13359...]
with HipChat discussion. 

--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006