Loading...

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: Enhancement
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: REST, Security, Server
Labels:
None

Sprint:
DataGrid Sprint #30
Git Pull Request:
https://github.com/infinispan/infinispan/pull/7109, https://github.com/infinispan/infinispan/pull/7119, https://github.com/infinispan/infinispan/pull/7121

The REST endpoint does not use the authenticated user to access authz caches. We need to:

integrate with the ServerAuthenticationProvider as used by the Hot Rod endpoint so that we can use security callbacks and retrieve a fully populated subject (including groups). This should ultimately connect with Elytron.
add SecurityActions within the rest code
Return 403 forbidden where needed

is blocked by

ISPN-10316 Support for Elytron in the REST server

Closed

is cloned by

JDG-2959 REST endpoint authorization

Closed

is related to

ISPN-8546 Add Digest authenticator to the REST endpoint

Closed

ISPN-9704 REST fine grained security support

Closed

ISPN-10374 Add Client Cert authenticator to the REST endpoint

Closed

Assignee:: Tristan Tarrant

Reporter:: Tristan Tarrant

Archiver:: Amol Dongare

Created:: 2018/01/30 11:11 AM

Updated:: 2022/09/09 7:10 AM

Resolved:: 2019/07/04 3:34 AM

Archived:: 2024/11/28 6:21 AM