[jboss-jira] [JBoss JIRA] (WFLY-9152) CLIENT_CERT without users certificates database
Jan Kalina (JIRA)
issues at jboss.org
Fri Jul 28 03:06:00 EDT 2017
Jan Kalina created WFLY-9152:
--------------------------------
Summary: CLIENT_CERT without users certificates database
Key: WFLY-9152
URL: https://issues.jboss.org/browse/WFLY-9152
Project: WildFly
Issue Type: Feature Request
Components: Security
Affects Versions: 11.0.0.Alpha1
Reporter: Jan Kalina
Assignee: Jan Kalina
Fix For: 12.0.0.Alpha1
CLIENT_CERT http-authentication-mechanism currently requires to provide security-realm, which will contain identity for given certificate and will verify X509Evidence for it. This does not provide replacement for legacy truststore auth, which allows to use only CA certificate to authenticate users by certificates signed by CA, without any database of them.
Analysis document:
https://developer.jboss.org/wiki/AnalysisDesign-CLIENTCERTWithoutUsersCertificatesDatabase
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list