[jboss-jira] [JBoss JIRA] (WFCORE-3666) Provide Elytron alternative to RoleMappingLoginModule
Martin Choma (JIRA)
issues at jboss.org
Thu Apr 26 09:18:00 EDT 2018
[ https://issues.jboss.org/browse/WFCORE-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13567609#comment-13567609 ]
Martin Choma commented on WFCORE-3666:
--------------------------------------
[~msvehla] Can you create EAP7 issue as we have Dev/QE/GSS agreement?
> Provide Elytron alternative to RoleMappingLoginModule
> -----------------------------------------------------
>
> Key: WFCORE-3666
> URL: https://issues.jboss.org/browse/WFCORE-3666
> Project: WildFly Core
> Issue Type: Feature Request
> Components: Security
> Affects Versions: 4.0.0.Final
> Reporter: Martin Choma
>
> In picketbox there is RoleMappingLoginModule [1], which takes role as returned from authorization process and maps to different role. I thought something similar should be configurable with some of Elytron role-mappers. But looking into model/code, it is not obvious to me which of them can be used. I know custom role mapper can be still used, but I wonder if we really do not provide this common funcionality out of the box with Elytron.
> Another workaround is to use direct roles from realm (e.g. LDAP ) in target (e.g. web.xml). But seems users tend to map IDM Roles to applicaiton roles.
> [1] https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1/html-single/login_module_reference/#rolemapping_login_module
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list