[jboss-jira] [JBoss JIRA] (ELY-699) Client authentication should default to using the URI userInfo if present
David Lloyd (JIRA)
issues at jboss.org
Fri Oct 28 13:23:00 EDT 2016
[ https://issues.jboss.org/browse/ELY-699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13313601#comment-13313601 ]
David Lloyd commented on ELY-699:
---------------------------------
Rather than changing the API to require a URI to be given to org.wildfly.security.auth.client.AuthenticationConfiguration#getPrincipal, which would be fairly complex, a better approach might be to modify org.wildfly.security.auth.client.AuthenticationContextConfigurationClient#getAuthenticationConfiguration() to automatically add information from the URI in to the configuration before returning it, like this:
* If auth is anonymous, check for userInfo; if present, add it as a setName
* If no SetHost*Configuration is set, add the URI host (if any) as setHost
* Same for port #
Then we can add methods on AuthenticationContextConfigurationClient which do not require a URI to be given, and deprecate those old ones.
> Client authentication should default to using the URI userInfo if present
> -------------------------------------------------------------------------
>
> Key: ELY-699
> URL: https://issues.jboss.org/browse/ELY-699
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Client
> Reporter: David Lloyd
>
> The client should be using the userInfo from the connection URI in preference to anonymous authentication if that information is present. The challenge is that the API does not presently require a URI to be given when getting the authentication principal.
--
This message was sent by Atlassian JIRA
(v7.2.2#72004)
More information about the jboss-jira
mailing list