]
Farah Juma updated ELYWEB-99:
-----------------------------
Summary: HTTP External Security Not Supported by Elytron (was: [GSS][7.2.2] HTTP
External Security Not Supported by Elytron)
HTTP External Security Not Supported by Elytron
-----------------------------------------------
Key: ELYWEB-99
URL:
https://issues.redhat.com/browse/ELYWEB-99
Project: Elytron Web
Issue Type: Feature Request
Reporter: Ashley Abdel-Sayed
Assignee: Ashley Abdel-Sayed
Priority: Major
Fix For: 1.8.0.Final
For legacy security, there's an EXTERNAL HTTP authentication mechanism
(io.undertow.security.impl.ExternalAuthenticationMechanism) which performs no verification
and simply uses the principal that was passed from the REMOTE_USER attribute by the AJP
protocol. There is a "ClientLoginModule" in legacy security used as such:
https://access.redhat.com/solutions/3465231. It is a requirement to add an equivalent of
this EXTERNAL mechanism available in legacy and Elytron-SASL for Elytron-HTTP in order to
migrate away from legacy security.