[jboss-jira] [JBoss JIRA] (WFCORE-3267) Authorization identity forwarding not exposed to configuration
Brian Stansberry (JIRA)
issues at jboss.org
Sat Sep 9 10:17:00 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-3267?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Stansberry updated WFCORE-3267:
-------------------------------------
Fix Version/s: (was: 3.0.2.CR1)
> Authorization identity forwarding not exposed to configuration
> --------------------------------------------------------------
>
> Key: WFCORE-3267
> URL: https://issues.jboss.org/browse/WFCORE-3267
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Jason Greene
> Assignee: Jason Greene
> Priority: Blocker
> Fix For: 3.0.2.Final
>
>
> As part of EAP7-284, Elytron was designed for and contains implementation to support trusted use of identities between peers in addition to credential forwarding. Cases in which one would prefer this approach include:
> * Scenarios where the user has requirements to not send passwords over the wire. Notably credential forwarding requires TLS and/or secure networks
> * Setups where an authentication type that does not support credential forwarding are used (credential forwarding is limited to Plain, Form, and OAuth, all other mechanisms, including the out of the box Digest auth of EAP are not)
> * Environments where its desired to limit which systems are allowed to receive requests which are propagated
> Due to an oversight this capability was not properly wired to the server configuration (nor a config method on the Elytron API).
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list