qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Rudyy (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-7092) User identity must be unique
Date Mon, 04 Jun 2018 10:52:00 GMT

    [ https://issues.apache.org/jira/browse/QPID-7092?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16500050#comment-16500050
] 

Alex Rudyy commented on QPID-7092:
----------------------------------

The work is de-scoped from 7.1.0

> User identity must be unique
> ----------------------------
>
>                 Key: QPID-7092
>                 URL: https://issues.apache.org/jira/browse/QPID-7092
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Broker-J
>            Reporter: Keith Wall
>            Priority: Major
>              Labels: Broker-J-Identity
>             Fix For: Future
>
>
> The Java Broker's model has an authentication provider associated with each port.  This
means that a single Broker may be configured to use more than authentication provider at once.
 For instance, it would be possible to use LDAP authentication for messaging connections and
use OAUTH2 for management.
> Currently a user's identity within the Broker represented by a simple name (string).
 This approach gives rise to the possibility of a conflict: a user 'fred' from an authentication
provider A may not be the same person as user 'fred' from authentication system B.  At the
moment the group provider implementations and access control can not distinguish.  
> Authentication providers need to have the ability to produce a unique stable identifier
for each user.    Group providers and access control providers need a mechanism ability to
act for only identities from a particular authentication provider source(s).  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message