[jboss-jira] [JBoss JIRA] (WFLY-12660) Make IP address of remote EJB client accessible to the developer from within app authentication code

Thu Oct 10 17:26:00 EDT 2019

     [ https://issues.jboss.org/browse/WFLY-12660?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Farah Juma moved EAP7-1357 to WFLY-12660:
-----------------------------------------

                      Project: WildFly  (was: EAP 7 Planning Pilot)
                          Key: WFLY-12660  (was: EAP7-1357)
                   Issue Type: Feature Request  (was: Requirement)
                     Workflow: GIT Pull Request workflow   (was: EAP Agile Workflow 2.0)
                  Component/s: Security
                                   (was: Security)
      EAP PT Pre-Checked (PC):   (was: TODO)
               Target Release:   (was: 7.4.0.GA)
     EAP PT Product Docs (PD):   (was: New)
    EAP PT Docs Analysis (DA):   (was: TODO)
                       Writer:   (was: Tomas Radej)


> Make IP address of remote EJB client accessible to the developer from within app authentication code
> ----------------------------------------------------------------------------------------------------
>
>                 Key: WFLY-12660
>                 URL: https://issues.jboss.org/browse/WFLY-12660
>             Project: WildFly
>          Issue Type: Feature Request
>          Components: Security
>            Reporter: Farah Juma
>            Assignee: Farah Juma
>            Priority: Minor
>              Labels: EAP-CD19, Previous_RFE, eap-7.2.0-deferred, eap-7.3.0-deferred
>
> UPDATE: 
> This requirement now applies to the new security implementation based on Elytron.
> When a customer writes an authentication module using Elytron (similar to login module) where the custom code is involved in authenticating or authorizing , that user will be able to check the IP of the client that initiated the request so that they can auth decisions based on client IP.
> ====================
> 2. Who is the customer behind the request?
> Account:  Alcatel - Canada (612917)
> TAM customer: no
> SRM customer: no
> Strategic: no
> 3. What is the nature and description of the request?
> The customer wants to be able to get the IP address of the
> EJB client in the login module when the security-realm is 
> configured to defer to jaas.
> 4. Why does the customer need this? (List the business requirements here)
> The customer needs the IP address of the client during the authentication process.
> They use the IP address in their custom login module.
> 5. How would the customer like to achieve this? (List the functional requirements here)
> 6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.
> Configure the ApplicationRealm security-realm to defer to JAAS.  Implement a custom login module that retrieves the IP address of the standalone EJB client.
> 8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?
> As soon as possible. 


--
This message was sent by Atlassian Jira
(v7.13.8#713008)