[jboss-jira] [JBoss JIRA] (ELY-1440) FlexibleIdentityAssociation should runAs the known SecurityIdentity before associating itself.
Farah Juma (Jira)
issues at jboss.org
Wed Jan 8 14:08:57 EST 2020
[ https://issues.redhat.com/browse/ELY-1440?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Farah Juma updated ELY-1440:
----------------------------
Fix Version/s: 1.12.0.CR1
(was: 1.11.0.Final)
> FlexibleIdentityAssociation should runAs the known SecurityIdentity before associating itself.
> ----------------------------------------------------------------------------------------------
>
> Key: ELY-1440
> URL: https://issues.redhat.com/browse/ELY-1440
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: API / SPI
> Reporter: Darran Lofthouse
> Priority: Major
> Fix For: 1.12.0.CR1
>
>
> This API was introduced to cover the case where authentication happens late in a request, generally that is quite a rare event.
> Even though the API may be popular it would likely happen once for a session and all future requests for that session the identity would be known in advance.
> At the moment by not running as the existing identity we are loosing all automatic identity outflow opportunities as calls pass from the servlet container to the EJB container.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list