[jboss-jira] [JBoss JIRA] (ELY-350) Need to be able to access the SecurityDomain wrapped by AbstractMechanismAuthenticationFactory
David Lloyd (JIRA)
issues at jboss.org
Tue Oct 27 10:19:00 EDT 2015
[ https://issues.jboss.org/browse/ELY-350?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13122486#comment-13122486 ]
David Lloyd commented on ELY-350:
---------------------------------
I think at present the SecurityDomain is considered a privileged object - in general we don't want everyone to have access to that. Futhermore, if you had the ability to construct the factory, you presumably had access to the corresponding SecurityDomain, so it should still be available there.
That said, it's possible that the auth factory already gives de facto access to all the stuff that hiding the SecurityDomain would have hidden, so maybe it doesn't actually matter.
> Need to be able to access the SecurityDomain wrapped by AbstractMechanismAuthenticationFactory
> ----------------------------------------------------------------------------------------------
>
> Key: ELY-350
> URL: https://issues.jboss.org/browse/ELY-350
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: API / SPI, HTTP, SASL
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.1.0.Alpha2
>
>
> Where services use the AbstractMechanismAuthenticationFactory to provide their authentication mechanisms they also need access to the wrapped SecurityDomain
> e.g. Later on the same container may need this to obtai the current SecurityIdentity.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list