[jboss-jira] [JBoss JIRA] (ELY-178) Domain to domain identity propagation
Darran Lofthouse (JIRA)
issues at jboss.org
Fri Jul 31 13:39:13 EDT 2015
[ https://issues.jboss.org/browse/ELY-178?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated ELY-178:
---------------------------------
Fix Version/s: 1.0.0.Alpha4
(was: 1.0.0.Alpha3)
> Domain to domain identity propagation
> -------------------------------------
>
> Key: ELY-178
> URL: https://issues.jboss.org/browse/ELY-178
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: Realms
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.0.0.Alpha4
>
>
> At the lowest level a users identity is associated with a single SecurityRealm, two accounts that authenticated against different realms will never be considered equal.
> However on top of this we have the security domains, a security domain amongst other things is an aggregation of realms. Incoming server connections and also applications can be associated with a security domain. However we still have the following two scenarios of a call to complete the consideration for: -
> Connection -> Deployment
> Deployment -> Deployment
> In the first case the connection may be associated with a security domain with a large set of realms, however the deployment may be associated with a smaller set of realms. In the case that the realm is in both of these domains we need the identity to be able to automatically propagate.
> Same for deployment to deployment calls, if there is a common realm the identity should propagate.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list