[jboss-jira] [JBoss JIRA] (ELY-1591) Provide Elytron alternative to RoleMappingLoginModule

Thu May 24 07:46:00 EDT 2018

     [ https://issues.jboss.org/browse/ELY-1591?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Mazanek moved WFCORE-3882 to ELY-1591:
---------------------------------------------

              Project: WildFly Elytron  (was: WildFly Core)
                  Key: ELY-1591  (was: WFCORE-3882)
          Component/s:     (was: Security)
    Affects Version/s:     (was: 4.0.0.Final)


> Provide Elytron alternative to RoleMappingLoginModule
> -----------------------------------------------------
>
>                 Key: ELY-1591
>                 URL: https://issues.jboss.org/browse/ELY-1591
>             Project: WildFly Elytron
>          Issue Type: Feature Request
>            Reporter: Martin Mazanek
>            Assignee: Martin Mazanek
>
> In picketbox there is RoleMappingLoginModule [1], which takes role as returned from authorization process and maps to different role. I thought something similar should be configurable with some of Elytron role-mappers. But looking into model/code, it is not obvious to me which of them can be used. I know custom role mapper can be still used, but I wonder if we really do not provide this common funcionality out of the box with Elytron.
> Another workaround is to use direct roles from realm (e.g. LDAP ) in target (e.g. web.xml). But seems users tend to map IDM Roles  to applicaiton roles.
> [1] https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1/html-single/login_module_reference/#rolemapping_login_module


--
This message was sent by Atlassian JIRA
(v7.5.0#75005)