[jboss-jira] [JBoss JIRA] (ELY-178) Domain to domain identity propagation
Darran Lofthouse (JIRA)
issues at jboss.org
Fri Apr 17 08:27:19 EDT 2015
Darran Lofthouse created ELY-178:
------------------------------------
Summary: Domain to domain identity propagation
Key: ELY-178
URL: https://issues.jboss.org/browse/ELY-178
Project: WildFly Elytron
Issue Type: Feature Request
Components: Realms
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 1.0.0.Alpha1
At the lowest level a users identity is associated with a single SecurityRealm, two accounts that authenticated against different realms will never be considered equal.
However on top of this we have the security domains, a security domain amongst other things is an aggregation of realms. Incoming server connections and also applications can be associated with a security domain. However we still have the following two scenarios of a call to complete the consideration for: -
Connection -> Deployment
Deployment -> Deployment
In the first case the connection may be associated with a security domain with a large set of realms, however the deployment may be associated with a smaller set of realms. In the case that the realm is in both of these domains we need the identity to be able to automatically propagate.
Same for deployment to deployment calls, if there is a common realm the identity should propagate.
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
More information about the jboss-jira
mailing list