[jboss-jira] [JBoss JIRA] (ELY-383) Update ServerAuthenticationContext to carry an identity from start to end
David Lloyd (JIRA)
issues at jboss.org
Tue Dec 1 07:31:00 EST 2015
[ https://issues.jboss.org/browse/ELY-383?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13135591#comment-13135591 ]
David Lloyd commented on ELY-383:
---------------------------------
Actually, the transition from the "INITIAL Ⓐ" to "AUTHORIZED Ⓑ" states is better done as "INITIAL Ⓐ" to "AUTHORIZED Ⓐ", and from there to "AUTHORIZED Ⓑ".
> Update ServerAuthenticationContext to carry an identity from start to end
> -------------------------------------------------------------------------
>
> Key: ELY-383
> URL: https://issues.jboss.org/browse/ELY-383
> Project: WildFly Elytron
> Issue Type: Task
> Components: API / SPI
> Reporter: David Lloyd
> Assignee: David Lloyd
> Fix For: 1.1.0.Beta3
>
> Attachments: Blank Flowchart - ServerAuthenticationContext.png
>
>
> The {{ServerAuthenticationContext}} should capture the identity in force for its domain when it is constructed. Any authorization attempt should always apply to the current identity - either the captured identity, or whatever the last successfully authorized identity was in the context.
> The attached state diagram should accurately summarize how authorization identity flows through. Authentication identity is only available during the "NAME ASSIGNED" state; once authorization occurs, the authentication identity is no longer useful and is disposed.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list