[JBoss JIRA] (SWITCHYARD-725) Security Policy support
by Keith Babo (JIRA)
Keith Babo created SWITCHYARD-725:
-------------------------------------
Summary: Security Policy support
Key: SWITCHYARD-725
URL: https://issues.jboss.org/browse/SWITCHYARD-725
Project: SwitchYard
Issue Type: Feature Request
Components: core
Reporter: Keith Babo
Priority: Critical
Fix For: 0.5
Add support for configuring security policy in an application. This should leverage the existing policy framework in place and follow a similar pattern to how the transaction policy support was implemented. A little background on security policy can be found here:
http://docs.oasis-open.org/opencsa/sca-policy/sca-policy-1.1-spec-csprd03...
There are two stages to this feature. In the first stage, we simply need to support a service declaring that security policy is required and updated gateway components to assert that security policy is in place. The first logical candidate for gateway support would be web services and SSL-based communication. This should be a quick way to connect the dots end-to-end and then we can take it further.
The second stage involves adding an additional SecurityPolicy handler that injects a policy decision point into the handler chain. The idea here is that the gateway might not be able to make an assertion w/r/t security, but the message/context contains security details that can be hooked into an Identity Manager/Provider to make the appropriate assertions. This is where something like SAML comes in. This handler would sit before the generic policy handler (which matches required policy against provided policy) and provide the capability of adding security assertions that a gateway was not capable of handling.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 8 months