[jboss-jira] [JBoss JIRA] (WFCORE-3767) Ability to configure each aggregated realm separately
Farah Juma (Jira)
issues at jboss.org
Fri Jun 21 11:57:00 EDT 2019
[ https://issues.jboss.org/browse/WFCORE-3767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Farah Juma resolved WFCORE-3767.
--------------------------------
Resolution: Duplicate Issue
> Ability to configure each aggregated realm separately
> -----------------------------------------------------
>
> Key: WFCORE-3767
> URL: https://issues.jboss.org/browse/WFCORE-3767
> Project: WildFly Core
> Issue Type: Enhancement
> Components: Security
> Reporter: Jean Francois Denise
> Priority: Major
> Attachments: conf-extract
>
>
> The use-case is EXTERNAL + role derived from mgmt-groups.properties. To achieve this use-case a realm aggregate is needed. Each aggregated realm can't be configured with its own principal-transformer. So each realm is impacted by the transformer set on the aggregation.
> Allowing to configure each realm separately would offer the flexibility to isolate principal transformation for authorisation and not impact authentication.
> Authentication impact is quite important, an alias in the trust-store and the decoded principal must match exactly. Something that shouldn't be made mandatory in this case.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list