[jboss-jira] [JBoss JIRA] (ELY-712) Elytron GSSCredential propagation

Jan Kalina (JIRA) issues at jboss.org
Thu Nov 3 08:48:00 EDT 2016 

    [ https://issues.jboss.org/browse/ELY-712?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13316721#comment-13316721 ] 

Jan Kalina edited comment on ELY-712 at 11/3/16 8:47 AM:
---------------------------------------------------------

[~mchoma] has said, that [~dlofthouse] has said, that this will require https://github.com/wildfly-security/wildfly-elytron/pull/434 [ELY-473] which is not merged yet.
Looks like it is really needed for this....


was (Author: honza889):
[~mchoma] has said, that [~dlofthouse] has said, that this will require https://github.com/wildfly-security/wildfly-elytron/pull/434 which is not merged yet.

> Elytron GSSCredential propagation
> ---------------------------------
>
>                 Key: ELY-712
>                 URL: https://issues.jboss.org/browse/ELY-712
>             Project: WildFly Elytron
>          Issue Type: Bug
>          Components: Authentication Mechanisms
>            Reporter: Jan Kalina
>            Assignee: Jan Kalina
>
> User can't achieve identity propagation scenario with elytron, so far:
> # Client authenticate to web application using SPNEGO
> # Web application calls another service (database, another web application, ... )  on behalf of user. 
> # Web applications wants to use provided gss credential, but there is no way to get associated credentials in elytron, so far
> Basically use case tested in AS TS with legacy security [1] 
> Legacy approach using {{DelegationCredentialContext.getDelegCredential()}} return null in elytron.
> Actually there exists pull request the delegated credential will be associated with the SecurityIdentity [2] . This JIRA is created mainly for tracking purpose to process it properly once pending commit gets to EAP.
> [1] https://github.com/wildfly/wildfly/blob/15f9a4f2b5a10cc3acbaa2df57d5cc13db50ff43/testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/security/loginmodules/negotiation/SPNEGOLoginModuleTestCase.java#L280 testIdentityPropagation 
> [2] https://github.com/wildfly-security/wildfly-elytron/pull/434/commits/9b5aba5ca03824f0b42f786e5663cb7c3a1524f2 



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list