[security-dev] Undertow IDM
Stuart Douglas
sdouglas at redhat.com
Wed Apr 24 16:54:36 EDT 2013
Pedro Igor Silva wrote:
> I think PL IDM can supply most of the methods defined in the IdentityManager interface.
>
> Only not sure about the somethings related with password reset and account locking. Althought the Credential API maintains the history of password updates and custom attributes can also be used. Not sure, but maybe we should have that in PL IDM, built-in support for password reset and account locking.
>
Not really sure what you mean here?
> Regarding DIGEST authentication and the getPassword method, if using PL IDM this method is not necessary because we always store the HA1 value (MD5(username:realm:password)). So you only need to pass the provided password that it will be checked internally.
In that case you only need to implement the getHash() method, and just
leave getPassword() returning null.
In general one of the main aims of the Undertow IDM API is to be a
wrapper that allows us to use the PL IDM without a direct dependency on
PL, while also allowing us to integrate with what we currently have in
the Wildly upstream. If there are potential changes that will make it
easier to integrate with PL then I am happy to discuss them.
Stuart
>
> Regards.
> Pedro Igor
>
> ----- Original Message -----
> From: "Anil Saldhana"<Anil.Saldhana at redhat.com>
> To: security-dev at lists.jboss.org
> Sent: Wednesday, April 24, 2013 3:54:48 PM
> Subject: [security-dev] Undertow IDM
>
> Hi all,
> https://github.com/undertow-io/undertow/tree/master/core/src/main/java/io/undertow/security/idm
>
> I am wondering how we can use PicketLink IDM in Undertow.
>
> Regards,
> Anil
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
More information about the security-dev
mailing list