Uploaded image for project: 'ModeShape'
  1. ModeShape
  2. MODE-2496

Custom authentication providers in the AS kit should always be invoked first, before the built-in container providers

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Done
    • Major
    • 4.4.0.Final
    • 4.3.0.Final
    • Configuration, Security
    • None

    Description

      When running a repository via the ModeShape AS subsystem, this repository always uses a JAAS security domain (by default modeshape-security) and creates behind the scenes a container-specific AuthenticationProvider which uses this security domain.

      On the other hand, the AS kit offers the possibility of user-defined custom Authentication providers. If these are present in the configuration, we should make sure they are added first in the chain of providers which will be invoked to authenticate a user, before the built-in container providers.

      Attachments

        Activity

          People

            hchiorean Horia Chiorean (Inactive)
            hchiorean Horia Chiorean (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: