[jboss-jira] [JBoss JIRA] Updated: (JBPORTAL-1175) Provide security authentication per wsrp producer in the consumer

Julien Viet (JIRA) jira-events at lists.jboss.org
Wed Apr 18 10:34:33 EDT 2007 

     [ http://jira.jboss.com/jira/browse/JBPORTAL-1175?page=all ]

Julien Viet updated JBPORTAL-1175:
----------------------------------

    Fix Version/s: 2.6.CR2
                       (was: 2.6.CR1)

> Provide security authentication per wsrp producer in the consumer
> -----------------------------------------------------------------
>
>                 Key: JBPORTAL-1175
>                 URL: http://jira.jboss.com/jira/browse/JBPORTAL-1175
>             Project: JBoss Portal
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Portal WSRP
>            Reporter: Julien Viet
>         Assigned To: Chris Laprun
>             Fix For: 2.6.CR2
>
>
> Security based on SOAP/HTTP security which allow basic/digest authentication.
> Usually the stub can be configured using smth like :
> Stub stub = // ... get the Stub;
> stub._setProperty ("javax.xml.rpc.security.auth.username", "juliet");
> stub._setProperty ("javax.xml.rpc.security.auth.password", "mypassword");
> We need to support several kind of username/password style, so we should have 
> 1/ a global username/password for the whole producer, smth like
> <wsrp-producer>
>    <producer-id>blah</producer-id>
> ...
>    <auth-config>
>       <username>blah username</username>
>       <password>blah password</password>
>    </auth-config>
> </wsrp-producer>
> 2/ a generic mechanism that would allow more fine grained username/password that can allow to make identity propagation (for sso)
> <wsrp-producer>
>    <producer-id>blah</producer-id>
> ...
>    <auth-config>
>       <credential-factory>org.client.BlahCredentialFactory</credential-factory>
>    </auth-config>
> </wsrp-producer>
> with an interface which allows to retrieve credentials. Usually the factory implementations leverage thread local mechanisms to integrate the user identity with a username/password storage like :
> String userId = UserId.getCurrentUserId();
> String password = passwordStore.getPassword(userId);
> return new WSRPCredential(userId, password);

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list