[jboss-jira] [JBoss JIRA] (WFLY-12660) Make IP address of remote EJB client accessible to the developer from within app authentication code

Farah Juma (Jira) issues at jboss.org
Thu Oct 10 17:27:00 EDT 2019 

     [ https://issues.jboss.org/browse/WFLY-12660?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Farah Juma updated WFLY-12660:
------------------------------
    Description: 
This requirement now applies to the new security implementation based on Elytron.
When a user writes an authentication module using Elytron (similar to login module) where the custom code is involved in authenticating or authorizing , that user will be able to check the IP of the client that initiated the request so that they can auth decisions based on client IP.




  was:


This requirement now applies to the new security implementation based on Elytron.
When a customer writes an authentication module using Elytron (similar to login module) where the custom code is involved in authenticating or authorizing , that user will be able to check the IP of the client that initiated the request so that they can auth decisions based on client IP.

====================
2. Who is the customer behind the request?
Account:  Alcatel - Canada (612917)
TAM customer: no
SRM customer: no
Strategic: no

3. What is the nature and description of the request?

The customer wants to be able to get the IP address of the
EJB client in the login module when the security-realm is 
configured to defer to jaas.

4. Why does the customer need this? (List the business requirements here)

The customer needs the IP address of the client during the authentication process.
They use the IP address in their custom login module.

5. How would the customer like to achieve this? (List the functional requirements here)

6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.

Configure the ApplicationRealm security-realm to defer to JAAS.  Implement a custom login module that retrieves the IP address of the standalone EJB client.

8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?

As soon as possible. 




> Make IP address of remote EJB client accessible to the developer from within app authentication code
> ----------------------------------------------------------------------------------------------------
>
>                 Key: WFLY-12660
>                 URL: https://issues.jboss.org/browse/WFLY-12660
>             Project: WildFly
>          Issue Type: Feature Request
>          Components: Security
>            Reporter: Farah Juma
>            Assignee: Farah Juma
>            Priority: Minor
>              Labels: EAP-CD19, Previous_RFE, eap-7.2.0-deferred, eap-7.3.0-deferred
>
> This requirement now applies to the new security implementation based on Elytron.
> When a user writes an authentication module using Elytron (similar to login module) where the custom code is involved in authenticating or authorizing , that user will be able to check the IP of the client that initiated the request so that they can auth decisions based on client IP.



--
This message was sent by Atlassian Jira
(v7.13.8#713008)

More information about the jboss-jira mailing list