[jboss-jira] [JBoss JIRA] (ELY-383) Update ServerAuthenticationContext to carry an identity from start to end
David Lloyd (JIRA)
issues at jboss.org
Mon Nov 30 22:41:00 EST 2015
David Lloyd created ELY-383:
-------------------------------
Summary: Update ServerAuthenticationContext to carry an identity from start to end
Key: ELY-383
URL: https://issues.jboss.org/browse/ELY-383
Project: WildFly Elytron
Issue Type: Task
Components: API / SPI
Reporter: David Lloyd
Assignee: David Lloyd
Fix For: 1.1.0.Beta3
Attachments: Blank Flowchart - ServerAuthenticationContext.png
The {{ServerAuthenticationContext}} should capture the identity in force for its domain when it is constructed. Any authorization attempt should always apply to the current identity - either the captured identity, or whatever the last successfully authorized identity was in the context.
The attached state diagram should accurately summarize how authorization identity flows through. Authentication identity is only available during the "NAME ASSIGNED" state; once authorization occurs, the authentication identity is no longer useful and is disposed.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list