Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-8909

Elytron insufficiently covers scenarios with more user storages - Realm Failover

    XMLWordPrintable

Details

    Description

      We report this issue as feature regression between Elytron and PicketBox in following scenario:
      Identity can be stored in more different identity storage (storage1 and storage2). Application server should provide configuration which allows to handle failover (and fallback to storage2) when storage1 is down - i.e. in case when Kerberos authentication failed then different realm can be used for authentication.

      As GSS confirm in [1], fallback from one storage to another is very common scenario used by customers.

      This feature is currently provided by legacy security (PicketBox), but is missing feature in Elytron. It seems that Elytron is missing any sufficient form of Realm Failover.

      We request blocker since this is common scenario used by customers. Missing this feature in Elytron can cause that customers will not be able to migrate to Elytron without changing their data.

      [1] https://issues.jboss.org/browse/JBEAP-8734?focusedCommentId=13362843&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13362843

      Attachments

        Activity

          People

            Unassigned Unassigned
            olukas Ondrej Lukas (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: