[jboss-jira] [JBoss JIRA] (ELY-1204) RealmIdentity should have a three-argument version of getCredential()

Darran Lofthouse (JIRA) issues at jboss.org
Tue May 30 10:33:01 EDT 2017 

     [ https://issues.jboss.org/browse/ELY-1204?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse updated ELY-1204:
----------------------------------
    Fix Version/s: 1.1.0.Beta49
                       (was: 1.1.0.Beta48)


> RealmIdentity should have a three-argument version of getCredential()
> ---------------------------------------------------------------------
>
>                 Key: ELY-1204
>                 URL: https://issues.jboss.org/browse/ELY-1204
>             Project: WildFly Elytron
>          Issue Type: Enhancement
>          Components: Authentication Server, Realms
>            Reporter: David Lloyd
>             Fix For: 1.1.0.Beta49
>
>
> {quote}
> I observe that there is no method overload for {{RealmIdentity#getCredential()}} which accepts an {{AlgorithmParameterSpec}} as the {{CredentialSource}} types do.  This theoretically limits the range of selectivity of credentials that can be used by a mechanism; though things like salt or nonce are usually derived from the stored credential rather than the other way around, it is possible that there are other parameters which might have an impact on the selection of the appropriate credential (like realm name, as I think this issue is about).
> An appropriate three-argument overload can be added to this interface as a {{default}} method.  An additional {{applyToCredential}} method can also be added accordingly.  An additional {{getCredentialAcquireSupport}} method should be added as well; though it could be {{default}}, the default implementation would be less than optimal as it would have to delegate to {{getCredential}} to function properly.
> It might be a good idea to add this overload now while the compatibility impact would be minimal; in this case, the new {{getCredentialAcquireSupport}} method would not have to be {{default}} (instead, the two-argument form could be made {{default}} or removed completely in favor of the three-argument version).
> {quote}



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list