karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Piotr Klimczak (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-2219) Add option to jaas LoginModules to skip checking the credentials
Date Fri, 01 Aug 2014 11:04:38 GMT

    [ https://issues.apache.org/jira/browse/KARAF-2219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14082136#comment-14082136
] 

Piotr Klimczak commented on KARAF-2219:
---------------------------------------

Just started to work with it.
My idea was to create an option like: allowTlsAuthentication=true/false.
The thing is to not to break it's current functionality and to let it work with tls authenticated
contexts and username/password context in parallel.
That is because of JAASLoginModules nature- those modules are often shared.
Hopefully final solution will be beautiful enough. If not, then there will be no other choice
than just to separate them.
We will see. I am starting to code :) 

BTW. Do we really want to fix it in 4.0.0, not in 2.3. 3.0, 3.1?

> Add option to jaas LoginModules to skip checking the credentials
> ----------------------------------------------------------------
>
>                 Key: KARAF-2219
>                 URL: https://issues.apache.org/jira/browse/KARAF-2219
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-core
>    Affects Versions: 3.0.0
>            Reporter: Christian Schneider
>             Fix For: 4.0.0
>
>
> In some cases the user is already authenticated in some other way and a JAAS LoginModule
should only retrieve the roles of a user. 
> For this case it makes sense to introduce an option like "checkCredentials" or "authenticate"
with default to true. If it is set to false in a jaas realm module config then the credentials
should not be validated.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message