Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-7220

[DOC RFE] Client / Server Security Context Propagation for Remoting and Running As a given user

    XMLWordPrintable

Description

    Provide ability to
    a) Propagate security context from client to the server for remoting calls including EJBs.
    b) Run remote Server components within the security context of a given user.

    Assume the following invocation sequence:

    client invocation as "Bob" -> EJB A on server 1 -> EJB B on server 2

    server 2 will "trust" the invocation from server 1 is being made under the user "Bob", and his permissions, and that server 1 has already authenticated Bob

    Additionally their will be an API for the client application to dynamically switch users over the same underlying connection.

    The feature will be a generic remoting capability available to all remoting based protocols, however users will only interact with it using EJB and remote JNDI invocation.

    For more please see the related RFE: https://issues.jboss.org/browse/PRODMGT-1060

    Attachments

      Issue Links

        is blocked by

        Bug - A problem that impairs or prevents the functions of the product. JBEAP-13056 Add information about ElytronAuthenticator into documentation

        • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
        • Closed
        is related to

        Bug - A problem that impairs or prevents the functions of the product. JBEAP-12934 Authorization identity forwarding not exposed to configuration

        • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
        • Verified
        relates to

        Bug - A problem that impairs or prevents the functions of the product. JBEAP-13056 Add information about ElytronAuthenticator into documentation

        • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
        • Closed

        Bug - A problem that impairs or prevents the functions of the product. JBEAP-11896 (7.1.z) Document how to use Elytron API to switch identities in server-to-server EJB calls

        • Critical - To be worked on immediately following BLOCKER issues.
        • Closed
        links to

        Web Link KCS

        Activity

          People

            sgilda_jira Sande Gilda (Inactive)
            rhn-engineering-jpallich Jiri Pallich
            Darran Lofthouse
            Ondrej Lukas Ondrej Lukas (Inactive)
            Ondrej Lukas Ondrej Lukas (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: