[jboss-jira] [JBoss JIRA] (ELY-712) Elytron GSSCredential propagation

[Jan Kalina (JIRA)]

     [ https://issues.jboss.org/browse/ELY-712?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jan Kalina updated ELY-712:
---------------------------
    Comment: was deleted

(was: Tests green after ELY-693 resolving.)


> Elytron GSSCredential propagation
> ---------------------------------
>
>                 Key: ELY-712
>                 URL: https://issues.jboss.org/browse/ELY-712
>             Project: WildFly Elytron
>          Issue Type: Bug
>          Components: Authentication Mechanisms
>            Reporter: Jan Kalina
>            Assignee: Jan Kalina
>
> User can't achieve identity propagation scenario with elytron, so far:
> # Client authenticate to web application using SPNEGO
> # Web application calls another service (database, another web application, ... )  on behalf of user. 
> # Web applications wants to use provided gss credential, but there is no way to get associated credentials in elytron, so far
> Basically use case tested in AS TS with legacy security [1] 
> Legacy approach using {{DelegationCredentialContext.getDelegCredential()}} return null in elytron.
> Actually there exists pull request the delegated credential will be associated with the SecurityIdentity [2] . This JIRA is created mainly for tracking purpose to process it properly once pending commit gets to EAP.
> [1] https://github.com/wildfly/wildfly/blob/15f9a4f2b5a10cc3acbaa2df57d5cc13db50ff43/testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/security/loginmodules/negotiation/SPNEGOLoginModuleTestCase.java#L280 testIdentityPropagation 
> [2] https://github.com/wildfly-security/wildfly-elytron/pull/434/commits/9b5aba5ca03824f0b42f786e5663cb7c3a1524f2 



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)