[jboss-jira] [JBoss JIRA] (WFCORE-3767) Ability to configure each aggregated realm separately
Darran Lofthouse (JIRA)
issues at jboss.org
Fri May 11 07:54:03 EDT 2018
[ https://issues.jboss.org/browse/WFCORE-3767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse reassigned WFCORE-3767:
----------------------------------------
Assignee: (was: Darran Lofthouse)
> Ability to configure each aggregated realm separately
> -----------------------------------------------------
>
> Key: WFCORE-3767
> URL: https://issues.jboss.org/browse/WFCORE-3767
> Project: WildFly Core
> Issue Type: Enhancement
> Components: Security
> Reporter: Jean-Francois Denise
> Attachments: conf-extract
>
>
> The use-case is EXTERNAL + role derived from mgmt-groups.properties. To achieve this use-case a realm aggregate is needed. Each aggregated realm can't be configured with its own principal-transformer. So each realm is impacted by the transformer set on the aggregation.
> Allowing to configure each realm separately would offer the flexibility to isolate principal transformation for authorisation and not impact authentication.
> Authentication impact is quite important, an alias in the trust-store and the decoded principal must match exactly. Something that shouldn't be made mandatory in this case.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list