[security-dev] Replacing Seam RunAsOperation (impersonate)
Sean Flanigan
sflaniga at redhat.com
Sun Jul 12 20:21:11 EDT 2015
Hi Mike,
If the solution is completely SAML-specific, I don't think it will do me
any good, but if you think the general approach could work for other
types, then yes, I'm certainly interested, thanks!
Sean.
On 2015-07-10 23:07, Mike Cirioli wrote:
> Sean -
> I have implemented a user impersonation functionality with PL for the redhat.com's customer facing IdP using picketlink. Its not what I would call pretty, but it does allow our customer service team to authenticate and access any SAML service providers with the identity of the customer having issues.
>
> I'm not sure if this is the same sort of functionality your looking for, but i'd be happy to describe how we did it if your interested.
>
> -mike cirioli
>
>
> On 7/10/15 8:27 AM, Pedro Igor Silva wrote:
>> Hey Sean,
>>
>> You are right, PL is missing that feature. It was planned but now the PL and KC are merging I'm not sure if we are going to implement it in PL.
>>
>> Regarding your question, there is no easy way to specify your own Identity implementation. However, I'm wondering if you can use a custom CDI scope for that. PicketLink allows you to define a specific scope for the Identity bean.
>>
>> Regards.
>> Pedro Igor
>>
>> ----- Original Message -----
>> From: "Sean Flanigan" <sflaniga at redhat.com>
>> To: security-dev at lists.jboss.org
>> Sent: Friday, July 10, 2015 5:37:51 AM
>> Subject: [security-dev] Replacing Seam RunAsOperation (impersonate)
>>
>> I was hoping I had missed an impersonation feature[1], but now I'm
>> thinking there isn't one in PicketLink. Assuming I have to subclass and
>> @Specialize org.picketlink.internal.DefaultIdentity, how would I go
>> about convincing PicketLink to use my implementation?
>>
>> org.picketlink.extension.PicketLinkExtension seems to be vetoing my
>> implementation. Is there some way of telling (or overriding)
>> IdentityBeanDefinition to use my Identity bean class?
>>
>> [1] https://developer.jboss.org/thread/260993
>>
>> Regards,
>>
>> Sean.
>>
--
Sean Flanigan
Principal Software Engineer
Globalisation Tools Engineering
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: OpenPGP digital signature
Url : http://lists.jboss.org/pipermail/security-dev/attachments/20150713/b08bb416/attachment.bin
More information about the security-dev
mailing list