[jboss-jira] [JBoss JIRA] (ELY-1204) RealmIdentity should have a three-argument version of getCredential()
David Lloyd (JIRA)
issues at jboss.org
Thu May 25 17:26:00 EDT 2017
David Lloyd created ELY-1204:
--------------------------------
Summary: RealmIdentity should have a three-argument version of getCredential()
Key: ELY-1204
URL: https://issues.jboss.org/browse/ELY-1204
Project: WildFly Elytron
Issue Type: Enhancement
Components: Authentication Server, Realms
Reporter: David Lloyd
Fix For: 1.1.0.Beta48
{quote}
I observe that there is no method overload for {{RealmIdentity#getCredential()}} which accepts an {{AlgorithmParameterSpec}} as the {{CredentialSource}} types do. This theoretically limits the range of selectivity of credentials that can be used by a mechanism; though things like salt or nonce are usually derived from the stored credential rather than the other way around, it is possible that there are other parameters which might have an impact on the selection of the appropriate credential (like realm name, as I think this issue is about).
An appropriate three-argument overload can be added to this interface as a {{default}} method. An additional {{applyToCredential}} method can also be added accordingly. An additional {{getCredentialAcquireSupport}} method should be added as well; though it could be {{default}}, the default implementation would be less than optimal as it would have to delegate to {{getCredential}} to function properly.
It might be a good idea to add this overload now while the compatibility impact would be minimal; in this case, the new {{getCredentialAcquireSupport}} method would not have to be {{default}} (instead, the two-argument form could be made {{default}} or removed completely in favor of the three-argument version).
{quote}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list