[
https://issues.jboss.org/browse/ELY-1418?page=com.atlassian.jira.plugin.s...
]
Martin Choma commented on ELY-1418:
-----------------------------------
[~bilge][~fjuma] [~bmaxwell] Can we discuss possibility of creating RFE for this.
Customers migrating from legacy security solution are missing this feature. Although they
can write custom realm, I think it would be more convenient if Elytron provide support for
this out of the box.
CLIENT_CERT without users certificates database
-----------------------------------------------
Key: ELY-1418
URL:
https://issues.jboss.org/browse/ELY-1418
Project: WildFly Elytron
Issue Type: Feature Request
Components: HTTP
Affects Versions: 1.2.0.Beta7
Reporter: Jan Kalina
Assignee: Jan Kalina
CLIENT_CERT http-authentication-mechanism currently requires to provide security-realm,
which will contain identity for given certificate and will verify X509Evidence for it.
This does not provide replacement for legacy truststore auth, which allows to use only CA
certificate to authenticate users by certificates signed by CA, without any database of
them.
Analysis document:
https://developer.jboss.org/wiki/AnalysisDesign-CLIENTCERTWithoutUsersCer...
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)