David Lloyd created ELY-383:
-------------------------------
Summary: Update ServerAuthenticationContext to carry an identity from start
to end
Key: ELY-383
URL:
https://issues.jboss.org/browse/ELY-383
Project: WildFly Elytron
Issue Type: Task
Components: API / SPI
Reporter: David Lloyd
Assignee: David Lloyd
Fix For: 1.1.0.Beta3
Attachments: Blank Flowchart - ServerAuthenticationContext.png
The {{ServerAuthenticationContext}} should capture the identity in force for its domain
when it is constructed. Any authorization attempt should always apply to the current
identity - either the captured identity, or whatever the last successfully authorized
identity was in the context.
The attached state diagram should accurately summarize how authorization identity flows
through. Authentication identity is only available during the "NAME ASSIGNED"
state; once authorization occurs, the authentication identity is no longer useful and is
disposed.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)