[jboss-jira] [JBoss JIRA] (ELY-736) Introduce LocalAuthenticationFactory concept and class
David Lloyd (JIRA)
issues at jboss.org
Thu Nov 10 16:01:00 EST 2016
David Lloyd created ELY-736:
-------------------------------
Summary: Introduce LocalAuthenticationFactory concept and class
Key: ELY-736
URL: https://issues.jboss.org/browse/ELY-736
Project: WildFly Elytron
Issue Type: Task
Components: API / SPI
Reporter: David Lloyd
We have a way to handle incoming authentication requests from HTTP, SASL, and TLS sources. But we don't have an API to handle local server authentication. We should have a LocalAuthenticationFactory, which implements MechanismAuthenticationFactory for this purpose.
Using JAAS as a simple model, such an API would require a class that acts as the client's login context (similarly to LoginContext), which when activated, will use the user's local AuthenticationContext to configure the identity and credentials, and yield an SI after successful authentication.
Because there are many ways in which an authentication can take place, the authentication factory may have to be able to specify or restrict the range of acceptable credential types and algorithms, and even principal types. Actual local "mechanisms" might or might not be of use to accomplish this, by returning client login contexts which utilize different principal and credential strategies.
For JAAS compatibility, it may be useful to be able to use this API to create a JAAS LoginModule which can use the local authentication factory to perform JAAS logins, wrapping the SI inside the JAAS Subject in whichever way we decide is correct.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list