[jboss-jira] [JBoss JIRA] (ELY-126) Consider adding credential verification to realm API
David Lloyd (JIRA)
issues at jboss.org
Wed Dec 10 12:06:39 EST 2014
[ https://issues.jboss.org/browse/ELY-126?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13026797#comment-13026797 ]
David Lloyd commented on ELY-126:
---------------------------------
Here's a proposal API:
{code}
public interface RealmIdentity {
// [...]
/**
* Verify the given credential. The result is one of the following:
* <ul>
* <li>{@link VerificationResult#DENIED} - the credential is not valid</li>
* <li>{@link VerificationResult#UNVERIFIED} - the credential is not supported or could not be verified; retry with another credential type</li>
* <li>{@link VerificationResult#VERIFIED} - the credential is valid and verified</li>
* </ul>
*
* @param credential the credential to verify
* @return the non-{@code null} verification result
*/
VerificationResult verifyCredential(Object credential);
// [...]
}
{code}
It does require that realms all support this method, which at the least would have to support {{char[]}} credentials for password verification.
> Consider adding credential verification to realm API
> ----------------------------------------------------
>
> Key: ELY-126
> URL: https://issues.jboss.org/browse/ELY-126
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: API / SPI, Realms
> Reporter: David Lloyd
>
> Some realms may not be able to acquire credentials. These realms will need a verification API (not like the old verification API though).
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
More information about the jboss-jira
mailing list