[JBoss JIRA] (TEIID-4561) Deprecate the PassthroughIdentityLoginModule

Thursday, 10 November 2016

    [
https://issues.jboss.org/browse/TEIID-4561?page=com.atlassian.jira.plugin...
] 

Steven Hawkins commented on TEIID-4561:
---------------------------------------

...
 You do not have access to Subject here, at least I think did not find
a way access the Subject object, because there is no JAAS based security. 
So keycloak is performing a non-JAAS authentication, but is not providing a Subject.  Can
you clarify when the KeycloakLoginModule comes into play?

...
 In OAuth20LoginModule also I do not we have access to a Subject, but
we will have capability to create Subject and associate credential for JEE pattern.

I'm not following you here.  There will be a Subject when OAuth20LoginModule is used
to secure a data source on the call to the data source.  Are you talking about a different
point in the flow?

...
 Deprecate the PassthroughIdentityLoginModule
 --------------------------------------------

                 Key: TEIID-4561
                 URL: https://issues.jboss.org/browse/TEIID-4561
             Project: Teiid
          Issue Type: Quality Risk
          Components: Server
            Reporter: Steven Hawkins
            Assignee: Steven Hawkins
             Fix For: 9.2

 The delegation capability of the PassthroughIdentityLoginModule can be associated with
the underlying OAuth10/20 login modules (similar to the delegationCredential behavior of
the KerberosLoginModule).  Also the OAuthCredentialContext should be changed to use the
Subject private credentials rather than a ThreadLocal. 

--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009