[jboss-jira] [JBoss JIRA] Updated: (JBPORTAL-1175) Provide security authentication per wsrp producer in the consumer
Julien Viet (JIRA)
jira-events at lists.jboss.org
Thu Apr 26 09:14:31 EDT 2007
[ http://jira.jboss.com/jira/browse/JBPORTAL-1175?page=all ]
Julien Viet updated JBPORTAL-1175:
----------------------------------
Fix Version/s: 2.6_Chris_Not_Managed_Tasks
(was: 2.6.CR2)
> Provide security authentication per wsrp producer in the consumer
> -----------------------------------------------------------------
>
> Key: JBPORTAL-1175
> URL: http://jira.jboss.com/jira/browse/JBPORTAL-1175
> Project: JBoss Portal
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Portal WSRP
> Reporter: Julien Viet
> Assigned To: Chris Laprun
> Fix For: 2.6_Chris_Not_Managed_Tasks
>
>
> Security based on SOAP/HTTP security which allow basic/digest authentication.
> Usually the stub can be configured using smth like :
> Stub stub = // ... get the Stub;
> stub._setProperty ("javax.xml.rpc.security.auth.username", "juliet");
> stub._setProperty ("javax.xml.rpc.security.auth.password", "mypassword");
> We need to support several kind of username/password style, so we should have
> 1/ a global username/password for the whole producer, smth like
> <wsrp-producer>
> <producer-id>blah</producer-id>
> ...
> <auth-config>
> <username>blah username</username>
> <password>blah password</password>
> </auth-config>
> </wsrp-producer>
> 2/ a generic mechanism that would allow more fine grained username/password that can allow to make identity propagation (for sso)
> <wsrp-producer>
> <producer-id>blah</producer-id>
> ...
> <auth-config>
> <credential-factory>org.client.BlahCredentialFactory</credential-factory>
> </auth-config>
> </wsrp-producer>
> with an interface which allows to retrieve credentials. Usually the factory implementations leverage thread local mechanisms to integrate the user identity with a username/password storage like :
> String userId = UserId.getCurrentUserId();
> String password = passwordStore.getPassword(userId);
> return new WSRPCredential(userId, password);
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list