Uploaded image for project: 'Teiid'
  1. Teiid
  2. TEIID-2915

Support consuming REST based service that is secured by Kerberos

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Done
    • Major
    • 8.7.1
    • None
    • Misc. Connectors
    • Medium

    Description

      Add SSO based support for consuming the REST based services that are secured by Kerberos.

      In order to support Kerberos at data source level, the engine needs to support Credential Delegation, then it can be used with CXF as shown in
      http://cxf.apache.org/docs/jaxrs-kerberos.html#JAXRSKerberos-CredentialDelegation

      The SPENGO module needs to check getCredDelegState() flag on the GSS Context, and should provide a way to return the GSSCredential object then Teiid needs to propagate this as session payload and use it in the web-service connector as the delegate to target consumer service.

      As of JBoss EAP 6.1.Alpha, I do not see the delegation in the SPENGO module, so support needs to be available in SPENGO module. Needs to investigate which version of SPENGO module supports this.

      Attachments

        Activity

          People

            rhn-engineering-rareddy Ramesh Reddy
            rhn-engineering-rareddy Ramesh Reddy
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: