[undertow-dev] resteasy oauth undertow security requirements
Bill Burke
bburke at redhat.com
Tue May 14 07:47:37 EDT 2013
On 5/14/2013 12:22 AM, Stuart Douglas wrote:
>
>
> Bill Burke wrote:
>>
>> I'm limited in what I can do with my implementation right now because there
>> is no way to store additional metadata beyond user, password, and role
>> mappings. I can port what I have as-is to work under embedded
>> mode/testing mode, but a more rich IDM API would be needed for advanced
>> features.
>
> Is this just the ability to store arbitrary attributes under a user
> account, and the getRoles() method? If this is all you require I think
> we can just add them into the Undertow IDM interface.
>
That works.
>>>> Well, this was pretty simple with a JBossWeb valve. Because one valve
>>>> instance is instantiated per web app, I could just have a
>>>> ConcurrentHashMap store this information and spawn a very low priority
>>>> thread to reap unused entries.
>
> You could do the same thing in Undertow, but it just depends if you
> would ever want to examine/manage this state in your admin console, in
> which case it would probably need something more.
>
I think your Factory concept (let's call it a UndertowFeature?) would
work well here. An Undertow-only Feature would just set up the OAuth
stuff. A WildFly one would register (or look up) the appropriate
caches with the management layer.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com