[security-dev] Undertow IDM

Pedro Igor Silva psilva at redhat.com
Wed Apr 24 18:21:53 EDT 2013


----- Original Message -----
> From: "Shane Bryzak" <sbryzak at redhat.com>
> To: security-dev at lists.jboss.org
> Sent: Wednesday, April 24, 2013 6:45:58 PM
> Subject: Re: [security-dev] Undertow IDM
> 
> On 25/04/13 05:38, Pedro Igor Silva wrote:
> > I think PL IDM can supply most of the methods defined in the
> > IdentityManager interface.
> >
> > Only not sure about the things related to password reset and account
> > locking. Although the Credential API maintains the history of password
> > updates and custom attributes can also be used. Not sure, but maybe we
> > should have that in PL IDM, built-in support for password reset and
> > account locking.
> 
> We already provide support for account locking:
> 
> user.setEnabled(false);

Yeah, I was thinking of something else. Like built-in support for attempts and then locking accounts, etc. Or even locking the account when the password expires. But I agree that this is something application-specific and simple to do with what we already provide.

> 
> As for password reset, I really think that it's an application-specific
> function.  It's really only a couple of lines of PLIDM code, the bulk of
> the work is building the user interface and action bean.
> 
> >
> > Regarding DIGEST authentication and the getPassword method, if using PL IDM
> > this method is not necessary because we always store the HA1 value
> > (MD5(username:realm:password)). So you only need to pass the provided
> > password and it will be checked internally.
> >
> > Regards.
> > Pedro Igor
> >
> > ----- Original Message -----
> > From: "Anil Saldhana" <Anil.Saldhana at redhat.com>
> > To: security-dev at lists.jboss.org
> > Sent: Wednesday, April 24, 2013 3:54:48 PM
> > Subject: [security-dev] Undertow IDM
> >
> > Hi all,
> > https://github.com/undertow-io/undertow/tree/master/core/src/main/java/io/undertow/security/idm
> >
> > I am wondering how we can use PicketLink IDM in Undertow.
> >
> > Regards,
> > Anil
> > _______________________________________________
> > security-dev mailing list
> > security-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/security-dev
> 
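The HA1 point in the thread, as an added example that is not part of the original messages and is not PicketLink or Undertow code: a server that stores only MD5(username:realm:password) can still check an RFC 2617 DIGEST response (qop=auth) without ever reading the password back. The class name, method names and sample values are hypothetical and constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

// Added illustration; names and sample values are hypothetical, not PicketLink or Undertow API.
public class Ha1DigestCheck {

    static String md5Hex(String s) {
        try {
            byte[] d = MessageDigest.getInstance("MD5").digest(s.getBytes(StandardCharsets.ISO_8859_1));
            StringBuilder sb = new StringBuilder(d.length * 2);
            for (byte b : d) sb.append(String.format("%02x", b));
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e); // MD5 is a required MessageDigest algorithm
        }
    }

    // What the identity store keeps at enrollment time instead of the plaintext password.
    static String ha1(String username, String realm, String password) {
        return md5Hex(username + ":" + realm + ":" + password);
    }

    // RFC 2617 response for qop=auth, computed from the stored HA1 only.
    static String expectedResponse(String storedHa1, String method, String uri,
                                   String nonce, String nc, String cnonce) {
        String ha2 = md5Hex(method + ":" + uri);
        return md5Hex(storedHa1 + ":" + nonce + ":" + nc + ":" + cnonce + ":auth:" + ha2);
    }

    static boolean verify(String storedHa1, String method, String uri, String nonce,
                          String nc, String cnonce, String clientResponse) {
        byte[] expected = expectedResponse(storedHa1, method, uri, nonce, nc, cnonce)
                .getBytes(StandardCharsets.US_ASCII);
        // Constant-time comparison of the two hex strings.
        return MessageDigest.isEqual(expected, clientResponse.getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) {
        // Constructed sample values.
        String stored = ha1("alice", "example-realm", "correct horse");
        String nonce = "c0ffee0123456789", nc = "00000001", cnonce = "0a4f113b";
        // The client side derives HA1 from the typed password and answers the challenge.
        String good = expectedResponse(ha1("alice", "example-realm", "correct horse"), "GET", "/app/", nonce, nc, cnonce);
        String bad = expectedResponse(ha1("alice", "example-realm", "wrong"), "GET", "/app/", nonce, nc, cnonce);
        System.out.println("correct password accepted: " + verify(stored, "GET", "/app/", nonce, nc, cnonce, good));
        System.out.println("wrong password accepted:   " + verify(stored, "GET", "/app/", nonce, nc, cnonce, bad));
    }
}
```

The stored HA1 is enough on its own to answer any challenge for that realm, so it needs the same protection in the identity store as the password itself.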

