[jboss-jira] [JBoss JIRA] (SECURITY-630) Branch 2.0.x for port new features (fallback to FORM) in JBoss 5
Marek Posolda (Commented) (JIRA)
jira-events at lists.jboss.org
Wed Nov 2 18:32:45 EDT 2011
[ https://issues.jboss.org/browse/SECURITY-630?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12639512#comment-12639512 ]
Marek Posolda commented on SECURITY-630:
----------------------------------------
Branch is created http://anonsvn.jboss.org/repos/jbossas/projects/security/security-negotiation/branches/security-negotiation-2.0.x/ from 2.0.3.SP branch. I ported needed features especially:
SECURITY-141 in commit http://source.jboss.org/changelog/JBossAS6?cs=112404
SECURITY-132 Traditional authentication in SPNEGOLoginModule (also added new needed classes like CommonLoginModule and upgraded some dependencies) - http://source.jboss.org/changelog/JBossAS6?cs=112405
SECURITY-631 Possibility to choose identity from authenticated subject http://source.jboss.org/changelog/JBossAS6?cs=112406 (I've added this feature only to 2.0.x branch but not to Negotiation trunk)
I did not change project versions in pom.xml as not sure about correct version for 2.0.x release.
Darran, do you want some other things from me before doing release?
> Branch 2.0.x for port new features (fallback to FORM) in JBoss 5
> ----------------------------------------------------------------
>
> Key: SECURITY-630
> URL: https://issues.jboss.org/browse/SECURITY-630
> Project: PicketBox (JBoss Security and Identity Management)
> Issue Type: Enhancement
> Security Level: Public(Everyone can see)
> Components: Negotiation
> Affects Versions: Negotiation_2.1.0
> Reporter: Marek Posolda
> Assignee: Darran Lofthouse
> Fix For: Negotiation_2.0.3.SP4 , Negotiation_2.1.1
>
> Attachments: negotiationAuthenticator-backwardsCompatibility.patch
>
>
> There are some new features in JBoss Negotiation 2.1.0 (especially fallback to form aka SECURITY-141 ), which will be nice to have in EPP 5.2. EPP 5 is based on JBoss 5 (JBoss web 2.x) and unfortunately JBoss Negotiation has been upgraded to be API compatible with JBoss 6 (JBoss web 3).
> Main problem problem especially signature of method NegotiationAuthenticator.authenticate(final Request request, final HttpServletResponse response, final LoginConfig config) where in JBoss 5 signature of method was authenticate(final Request request, final Response response, final LoginConfig config)
> This means that using NegotiationAuthenticator from Negotiation 2.1.0 is not working in JBoss 5 due to this compatibility problem. Unfortunately approaches like inheritance of NegotiationAuthenticator are not working because there is also change in signature of method AuthenticatorBase.register .
> It will be nice to have backwards compatibility with JBoss 5, which is possible by adding methods with old signature into class NegotiationAuthenticator, and with this approach it should work in both JBoss 5 and JBoss 6.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list