[gatein-issues] [JBoss JIRA] Moved: (GTNWSRP-132) Provide security authentication per wsrp producer in the consumer

Chris Laprun (JIRA) jira-events at lists.jboss.org
Thu Oct 28 09:38:05 EDT 2010 

     [ https://jira.jboss.org/browse/GTNWSRP-132?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Chris Laprun moved JBPORTAL-1175 to GTNWSRP-132:
------------------------------------------------

          Project: GateIn WSRP  (was: JBoss Portal)
              Key: GTNWSRP-132  (was: JBPORTAL-1175)
      Component/s:     (was: Portal WSRP)
    Fix Version/s: 2.1.0
                       (was: 2.8 Final)


> Provide security authentication per wsrp producer in the consumer
> -----------------------------------------------------------------
>
>                 Key: GTNWSRP-132
>                 URL: https://jira.jboss.org/browse/GTNWSRP-132
>             Project: GateIn WSRP
>          Issue Type: Feature Request
>            Reporter: Julien Viet
>            Assignee: Chris Laprun
>             Fix For: 2.1.0
>
>
> Security based on SOAP/HTTP security which allow basic/digest authentication.
> Usually the stub can be configured using smth like :
> Stub stub = // ... get the Stub;
> stub._setProperty ("javax.xml.rpc.security.auth.username", "juliet");
> stub._setProperty ("javax.xml.rpc.security.auth.password", "mypassword");
> We need to support several kind of username/password style, so we should have 
> 1/ a global username/password for the whole producer, smth like
> <wsrp-producer>
>    <producer-id>blah</producer-id>
> ...
>    <auth-config>
>       <username>blah username</username>
>       <password>blah password</password>
>    </auth-config>
> </wsrp-producer>
> 2/ a generic mechanism that would allow more fine grained username/password that can allow to make identity propagation (for sso)
> <wsrp-producer>
>    <producer-id>blah</producer-id>
> ...
>    <auth-config>
>       <credential-factory>org.client.BlahCredentialFactory</credential-factory>
>    </auth-config>
> </wsrp-producer>
> with an interface which allows to retrieve credentials. Usually the factory implementations leverage thread local mechanisms to integrate the user identity with a username/password storage like :
> String userId = UserId.getCurrentUserId();
> String password = passwordStore.getPassword(userId);
> return new WSRPCredential(userId, password);

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the gatein-issues mailing list