[jboss-jira] [JBoss JIRA] (WFCORE-2293) Centrally define sensitivity classifications for references to Elytron capabilities.
Brian Stansberry (JIRA)
issues at jboss.org
Mon Feb 13 14:54:00 EST 2017
[ https://issues.jboss.org/browse/WFCORE-2293?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13362799#comment-13362799 ]
Brian Stansberry commented on WFCORE-2293:
------------------------------------------
That's a bit tricky as the old one had more of a "application security" meaning while security-realm-ref was for "management security". That is more a result of where the reference attribute is located though.
The other thing is the names of legacy security domain names are possibly sensitive (I think; I know the old realms are), while the names of the new ones are not sensitive. So a valid restriction for the old ones will now unnecessarily affect the new ones.
> Centrally define sensitivity classifications for references to Elytron capabilities.
> ------------------------------------------------------------------------------------
>
> Key: WFCORE-2293
> URL: https://issues.jboss.org/browse/WFCORE-2293
> Project: WildFly Core
> Issue Type: Task
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 3.0.0.Beta1
>
>
> Predominantly the following 6 items are referenced across the application server: -
> Authentication Context
> Credential Store
> HTTP Authentication Factory
> SASL Authentication Factory
> SSLContext
> Security Domain
> We should probably represent these as: -
> (Authentication Context) -> Authentication Client Ref
> (Credential Store) -> Credential
> (HTTP / SASL Authentication Factory) -> Authentication Factory Ref
> (Security Domain) -> Security Domain Ref
> (SSL Context) -> SSL Ref
> We already have 'Credential' defined so we can re-use that.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list