Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-10568

Elytron - it should also be possible to store OTP algorithm on security realm level

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Major
    • None
    • 7.1.0.DR17
    • Security

    Description

      It should be possible to store OTP algorithm name on security realm level too.

      Using of the OTP SASL mechanism requires modifiable realm and currently only ldap-realm integration is finished.

      The ldap-realm now requires to store the algorithm name into an LDAP attribute together with the rest of OTP configuration (seed, hash, sequence), but this can be limiting (or space vasting) when the algorithm is the same for all users in the realm. There should be a possibility to configure the OTP algorithm name also on the realm level and share it for users. Make it an alternative for ldap-realm.identity-mapping.otp-credential-mapper.algorithm-from configuration.

      Attachments

        Issue Links

          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-10629 Elytron - unable to use OTP SASL mechanism

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Pull Request Sent
          is cloned by

          Feature Request - Feature requests from customers and/or users WFCORE-2732 Elytron - it should also be possible to store OTP algorithm on security realm level

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Open

          Activity

            People

              jondruse@redhat.com Jiri Ondrusek
              josef.cacek@gmail.com Josef Cacek (Inactive)
              Martin Svehla Martin Svehla
              Martin Svehla Martin Svehla
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: