Keep me up to date on this. I'll be using the IdentityManager override
approach with the current codebase for the moment.
I have made some changes that should make this easier for you:
https://github.com/wildfly/wildfly/pull/4924/files
Basically the principalVsRoleMap is now stored in the DeploymentInfo, and it is no longer
used by the IdentityManager.
Stuart
On 8/15/2013 8:56 AM, Darran Lofthouse wrote:
> I will put something together shortly for the mechanism overrides, I
> previously proposed a solution to these lists a while back which
> received quite a bit of support.
>
> Overall mechanism overrides will either be possible using the subsystem
> configuration or deployment specific configuration providing both ways
> to set the mechanism for the app being deployed.
>
> Regards,
> Darran Lofthouse.
>
>
> On 15/08/13 01:23, Bill Burke wrote:
>> I'm looking at Undertow handlers and Auth mechanisms and trying to
>> figure out how to port resteasy oauth. I need to be able to do the
>> following
>>
>> 1. check a cookie to see if user is already logged in.
>> 2. If not redirect to auth server
>> 3. get a redirect back from auth server
>> 4. make an HTTP request to server based on information from the request
>> 5. Obtain a token from this request
>> 6. Parse and validate the token to obtain user identity and role mappings
>> 7. Propagate the identity and role mappings so other layers can do their
>> thing (like role checks)
>>
>> I can do most of this within a AuthenticationMechanism. sendChallenge()
>> would be used to send the redirect to the auth server. I think a custom
>> IdentityManager is needed. This would accept a custom Credential. The
>> Credential would have the identity and role mappings within it and the
>> IdentityManager would allocate an Account based on this information.
>>
>> So, thats for Undertow....but I don't see any way to wire this all up
>> for Wildfly. The IdentityManager is hardcoded to a JaaS one and I see
>> no way of wiring up AuthenticationMechanisms. I see no other undertow
>> specific config except for undertow-handlers.conf.
>>
>
> _______________________________________________
> undertow-dev mailing list
> undertow-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/undertow-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
undertow-dev mailing list
undertow-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/undertow-dev