[jboss-jira] [JBoss JIRA] (WFCORE-2655) Add option to wrap the GSSCredential in kerberos security factory

Stefan Guilhen (JIRA) issues at jboss.org
Mon Apr 10 16:44:00 EDT 2017 

     [ https://issues.jboss.org/browse/WFCORE-2655?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Stefan Guilhen updated WFCORE-2655:
-----------------------------------
    Description: 
The legacy KerberosLoginModule has an option called wrapGssCredential that tells the code building the GSSCredential that it should wrap the constructed credential to prevent improper credential disposal by some DB drivers. It essentially delegates every method to the wrapped GSSCredential but makes dispose() a no-op.

The kerberos security factory in the Elytron subsystem doesn't offer an option to wrap the credential and it creates a backwards compatibility problem.

  was:
The legacy KerberosLoginModule has an option called wrapGssCredential that tells the code building the GSSCredential that it should wrap the constructed credential to prevent improper credential disposal by some DB drivers. It essentially delegates every method to the wrapped GSSCredential but makes dispose() a no-op.

The kerberos security factory in Elytron doesn't offer an option to wrap the credential and it creates a backwards compatibility problem.



> Add option to wrap the GSSCredential in kerberos security factory
> -----------------------------------------------------------------
>
>                 Key: WFCORE-2655
>                 URL: https://issues.jboss.org/browse/WFCORE-2655
>             Project: WildFly Core
>          Issue Type: Feature Request
>          Components: Security
>    Affects Versions: 3.0.0.Beta14
>            Reporter: Stefan Guilhen
>            Assignee: Stefan Guilhen
>             Fix For: 3.0.0.Beta15
>
>
> The legacy KerberosLoginModule has an option called wrapGssCredential that tells the code building the GSSCredential that it should wrap the constructed credential to prevent improper credential disposal by some DB drivers. It essentially delegates every method to the wrapped GSSCredential but makes dispose() a no-op.
> The kerberos security factory in the Elytron subsystem doesn't offer an option to wrap the credential and it creates a backwards compatibility problem.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list