[teiid-issues] [JBoss JIRA] (TEIID-4561) Deprecate the PassthroughIdentityLoginModule

Steven Hawkins (JIRA) issues at jboss.org
Fri Nov 11 19:40:00 EST 2016


    [ https://issues.jboss.org/browse/TEIID-4561?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13321397#comment-13321397 ] 

Steven Hawkins commented on TEIID-4561:
---------------------------------------

> Yes, the subject passed into the initialize is same one goes into the data source

So to circle back to the discussion of the ThreadLocal, my thought is that if AuthFilter had access to that same Subject then it could add the private credential instead.

> but initialize creates a new Subject

It could be my unfamiliarity, but can you explain where that is happening as it doesn't appear to be in the login module code.

>  Yes, I may have used same code.

Also it doesn't appear that the callerSubject is ever used.

> Deprecate the PassthroughIdentityLoginModule
> --------------------------------------------
>
>                 Key: TEIID-4561
>                 URL: https://issues.jboss.org/browse/TEIID-4561
>             Project: Teiid
>          Issue Type: Quality Risk
>          Components: Server
>            Reporter: Steven Hawkins
>            Assignee: Steven Hawkins
>             Fix For: 9.2
>
>
> The delegation capability of the PassthroughIdentityLoginModule can be associated with the underlying OAuth10/20 login modules (similar to the delegationCredential behavior of the KerberosLoginModule).  Also the OAuthCredentialContext should be changed to use the Subject private credentials rather than a ThreadLocal.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)


More information about the teiid-issues mailing list