[jboss-jira] [JBoss JIRA] (ELY-716) Password Transformations

Thu Nov 3 12:17:00 EDT 2016

     [ https://issues.jboss.org/browse/ELY-716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse reassigned ELY-716:
------------------------------------

    Assignee:     (was: David Lloyd)


> Password Transformations
> ------------------------
>
>                 Key: ELY-716
>                 URL: https://issues.jboss.org/browse/ELY-716
>             Project: WildFly Elytron
>          Issue Type: Enhancement
>          Components: API / SPI
>            Reporter: Darran Lofthouse
>             Fix For: 2.0.0.Alpha1
>
>
> There may be reasons that still make this impossible so some research will be required first.
> However take mechanisms like Digest SASL: -
> https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/java/org/wildfly/security/sasl/digest/AbstractDigestMechanism.java#L620
> Here the mechanism queries different password types and converts as needed.
> Instead the mechanism should be able to query the most specific time and a set of registered transformers kick in to convert between the different types.
> The credential support methods should also take into account transformations that the transformers can perform.
> The one thing however that may make this impossible is if the specific form of a credential needs additional information e.g. the mechanism could support arbitrary realms and use it to create the digested form.


--
This message was sent by Atlassian JIRA
(v7.2.3#72005)