[security-dev] Undertow IDM

Stuart Douglas sdouglas at redhat.com
Wed Apr 24 16:54:36 EDT 2013



Pedro Igor Silva wrote:
> I think PL IDM can supply most of the methods defined in the IdentityManager interface.
>
> Only not sure about the somethings related with password reset and account locking. Althought the Credential API maintains the history of password updates and custom attributes can also be used. Not sure, but maybe we should have that in PL IDM, built-in support for password reset and account locking.
>

Not really sure what you mean here?

> Regarding DIGEST authentication and the getPassword method, if using PL IDM this method is not necessary because we always store the HA1 value (MD5(username:realm:password)). So you only need to pass the provided password that it will be checked internally.

In that case you only need to implement the getHash() method, and just 
leave getPassword() returning null.

In general one of the main aims of the Undertow IDM API is to be a 
wrapper that allows us to use the PL IDM without a direct dependency on 
PL, while also allowing us to integrate with what we currently have in 
the Wildly upstream. If there are potential changes that will make it 
easier to integrate with PL then I am happy to discuss them.

Stuart

>
> Regards.
> Pedro Igor
>
> ----- Original Message -----
> From: "Anil Saldhana"<Anil.Saldhana at redhat.com>
> To: security-dev at lists.jboss.org
> Sent: Wednesday, April 24, 2013 3:54:48 PM
> Subject: [security-dev] Undertow IDM
>
> Hi all,
> https://github.com/undertow-io/undertow/tree/master/core/src/main/java/io/undertow/security/idm
>
> I am wondering how we can use PicketLink IDM in Undertow.
>
> Regards,
> Anil
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev


More information about the security-dev mailing list