[jboss-jira] [JBoss JIRA] (AS7-3112) Better integration of service based ServerAuthenticationProviders

Brian Stansberry (JIRA) jira-events at lists.jboss.org
Mon Feb 20 13:04:37 EST 2012 

     [ https://issues.jboss.org/browse/AS7-3112?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brian Stansberry updated AS7-3112:
----------------------------------

    Component/s: Domain Management
                 Remoting
                 Security

    
> Better integration of service based ServerAuthenticationProviders
> -----------------------------------------------------------------
>
>                 Key: AS7-3112
>                 URL: https://issues.jboss.org/browse/AS7-3112
>             Project: Application Server 7
>          Issue Type: Task
>          Components: Domain Management, Remoting, Security
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>             Fix For: 7.2.0.Alpha1
>
>
> The security configuration of Remoting within AS7 is based on supplying three things: -
>  - The ServerAuthenticationProvider to obtain mechanism specific CallbackHanlders
>  - The OptionMap to control the security mechanisms made available / mandated.
>  - Possibly an initialised SSLContext for XnioSsl if SSL is being enabled.
> For domain management the capabilities of the backing realm are used to define the security offered i.e. if we have no SSL configuration we can not enable SSL, if the backing store can not return the plain text passwords we can not enable DIGEST.  This has been achieved so far by using an intermediary service to define the configuration based on capabilities alone.
> This task it to take it one step further and allow this intermediary to be defined within the Remoting subsystem and maybe an equivalent for pure domain management to act as both a intermediary to define configuration based on the realm and also to allow additional configuration overrides.  i.e. we need to support the additional SASL options available and SSL options available - this will somehow need to be merged / validated with the realm capabilities e.g. if a Realm is incompatible with Digest a user can not force the use of Digest.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list