]
David Lloyd updated ELY-473:
----------------------------
Summary: True credential forwarding support (was: True forwarding credential
support)
True credential forwarding support
----------------------------------
Key: ELY-473
URL:
https://issues.jboss.org/browse/ELY-473
Project: WildFly Elytron
Issue Type: Enhancement
Reporter: David Lloyd
Priority: Minor
Fix For: 1.1.0.Beta5
Now we are ready for true support for forwarding credentials.
The credentials should be associated with the SecurityIdentity itself. A permission
check is required to acquire them (maybe even both a code permission check *and* a user
authorization check).
We could support holding one credential per type+algorithm combination, or simply a list
of credentials which can be queried.
Authentication client API should be enhanced to search a security domain's current
identity for a forwarding credential to use.