Book: How to Configure Identity Management
Revision: 3054cc5
Section: 4.2. Configure Client Authentication with Elytron Client and A.1. Reference for wildfly-config.xml

This issue follows up on original JBEAP-7155. Following parts is missing or need to be improved:
Following should be currently improved in section 4.2. CONFIGURE CLIENT AUTHENTICATION WITH ELYTRON CLIENT:

• Add some information which answers on following questions (it can be added before Table 4.1. Common Rules):
  • What happens if list of match-* is empty in rule - it will match or not?
  • If more match-* are set, it must match all of them or at least one of them to choose given rule?
• Table 4.1. Common Rules should be improved
  • match-path - there is information that given /my/path/ matches on http://127.0.0.1:9990/my/path. There is missing information whether /my/path/ would also match on http://127.0.0.1:9990/my/path/subresource? Add this information also to table Table A.2. Match-* (match-rule-type) in APPENDIX A. REFERENCE MATERIAL.
• Provide table with description of basic methods of AuthenticationConfiguration. Similar table as e.g. Table 4.2. Common Rules can be used for basic methods of AuthenticationConfiguration (e.g. useName, usePassword, useRealm ...). It can be added at the end of section 4.2.2. The Programmatic Approach.

What should be improved in APPENDIX A. REFERENCE MATERIAL:

• Table A.4. authentication-configuration-type Attributes
  • "set-host", "set-port", "set-protocol", "set-mechanism-realm" description is not sufficient. What does it mean when some of these attributes are set?
  • provide example for "rewrite-user-name-regex"
• Table A.5. key-store Attributes
  • "key-store-credential" need reformulation (the credential store contains password for accessing key store)
• Table A.6 ssl-context
  • "cipher-suite" description is not sufficient. Which cipher suites are available? How can I set more cipher suites (+separators)?