Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-5809

Add possibility to obtain custom principal from Elytron

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Major Major
    • None
    • None
    • Security
    • None

      Users migrating from legacy security that were using custom login modules could use custom principals as well. 

      Elytron realms require principal to be instance of NamePrincipal for authentication. All current principal transformers take place before the authentication and NamePrincipal is final class, so custom principals can not be returned from Elytron. 

      Current solution for such users is to use SecurityIdentity obtained from current SecurityDomain and utilize SecurityIdentity' attributes to obtain information from realms. This solution has a drawback of having to change the application code when migrating and having to rely on SecurityDomain and SecurityIdentity instead of more generic and standardized methods like SecurityContext.getCallerPrincipal() .

      This issue is to add possibility to obtain custom principal from Elytron. Possible solution is to introduce new principal transformer resource that takes place after authentication and can use SecurityIdentity's attributes to transfer information and map it a custom principal type at the end.

              Unassigned Unassigned
              dvilkola@redhat.com Diana Krepinska (Inactive)
              Votes:
              4 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: