Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-36

Server Authentication Context Lifecycle

    XMLWordPrintable

Details

    • Task
    • Resolution: Obsolete
    • Major
    • 1.1.0.CR2
    • None
    • API / SPI
    • None

    Description

      The authentication context is used with a sequence of calls during the authentication process, this task is to look into how we can apply a lifecycle to that so that appropriate clean up can be performed.

      This could be closely related to ELY-35 which specifically looks at outcome notification.

      When considering a lifecycle I think we have two key events to think about, the most natural one being once the authentication process is complete regardless of outcome - however should also consider intermediate responses going back to the client - we do not want to be holding onto expensive resources once we pass control back to the client as that risks a Dos based attack.

      Attachments

        Issue Links

          is incorporated by

          Bug - A problem that impairs or prevents the functions of the product. ELY-335 ServerAuthenticationContext state machine is incorrect

          • Critical - To be worked on immediately following BLOCKER issues.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: