[jboss-jira] [JBoss JIRA] (ELY-193) Add more combinations to CredentialSupport
Darran Lofthouse (JIRA)
issues at jboss.org
Wed May 13 13:40:19 EDT 2015
[ https://issues.jboss.org/browse/ELY-193?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated ELY-193:
---------------------------------
Git Pull Request: https://github.com/wildfly-security/wildfly-elytron/pull/152
> Add more combinations to CredentialSupport
> ------------------------------------------
>
> Key: ELY-193
> URL: https://issues.jboss.org/browse/ELY-193
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: API / SPI
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.0.0.Alpha2
>
>
> The current combinations mean that if a realm claims a credential type is obtainable the realm is also required to be able to validate that credential type.
> This leads to a couple of problems: -
> - Some types the realm is now forced to verify don't actually make sense, e.g. verify a DigestPassword just because it is obtainable when verifying one does not actually make sense.
> - We have no API for comparison of specialised credential types so the realm needs to understand how to compare them.
> So instead we need to relax the CredentialSupport options to allow a realm to return a type without actually being able to verify that type.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list