[JBoss JIRA] (ELY-350) Need to be able to access the SecurityDomain wrapped by AbstractMechanismAuthenticationFactory

Tuesday, 27 October 2015

    [
https://issues.jboss.org/browse/ELY-350?page=com.atlassian.jira.plugin.sy...
] 

David Lloyd commented on ELY-350:
---------------------------------

I think at present the SecurityDomain is considered a privileged object - in general we
don't want everyone to have access to that.  Futhermore, if you had the ability to
construct the factory, you presumably had access to the corresponding SecurityDomain, so
it should still be available there.

That said, it's possible that the auth factory already gives de facto access to all
the stuff that hiding the SecurityDomain would have hidden, so maybe it doesn't
actually matter.

...
 Need to be able to access the SecurityDomain wrapped by
AbstractMechanismAuthenticationFactory

----------------------------------------------------------------------------------------------

                 Key: ELY-350
                 URL: https://issues.jboss.org/browse/ELY-350
             Project: WildFly Elytron
          Issue Type: Enhancement
          Components: API / SPI, HTTP, SASL
            Reporter: Darran Lofthouse
            Assignee: Darran Lofthouse
             Fix For: 1.1.0.Alpha2

 Where services use the AbstractMechanismAuthenticationFactory to provide their
authentication mechanisms they also need access to the wrapped SecurityDomain
 e.g. Later on the same container may need this to obtai the current SecurityIdentity.

--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006