Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-447

Connection Reauthentication and Security Propagation

XMLWordPrintable

      This task is a top level task to coordinate the addition of support for switching to different security identities on an existing connection over Remoting.

      This is to predominantly cover two major scenarios: -

      • Clients using a single connection but require different calls to be executed as different users, in this case the client has the information required to start a new authentication as a different user.
      • Server to server communication where the first server has already authenticated a remote user - for this scenario the first server needs a way to tell the second server what identity to run the call as.

      The following document is building up the requirements and design considerations and decisions: -

      https://community.jboss.org/wiki/ConnectionRe-AuthenticationAndSecurityPropagation

          1.
          		 Allow more control over authentication for server to server communication through remote-outbound-connection Sub-task Closed Major Darran Lofthouse
          2.
          		 Re visit authentication tokens Sub-task Closed Major Darran Lofthouse
          3.
          		 Review SecurityContext associations Sub-task Closed Major David Lloyd
          4.
          		 Implement Trust for users requesting to run as a different user. Sub-task Closed Major Darran Lofthouse
          5.
          		 Verify audit implications and required APIs Sub-task Closed Major Darran Lofthouse

              Unassigned Unassigned
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              8 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: