Details
-
Enhancement
-
Resolution: Done
-
Major
-
None
-
None
-
Low
Description
Add a method to SecurityIdentity which accepts a name and uses it to attempt to authorize a run-as-principal operation. Unlike org.wildfly.security.auth.server.ServerAuthenticationContext#authorize(), this method performs the authorization in the context of an existing, established SecurityIdentity instead of creating a new one based off of an authentication.
The existing authorize() method on SAC should be refactored to reuse SecurityIdentity's authorize function once this change is made.