qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Rudyy (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-7166) Make user/group names produced by authentication and group providers realm qualified
Date Mon, 04 Jun 2018 10:51:00 GMT

    [ https://issues.apache.org/jira/browse/QPID-7166?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16500042#comment-16500042
] 

Alex Rudyy commented on QPID-7166:
----------------------------------

The work is de-scoped from 7.1.0 for later

> Make user/group names produced by authentication and group providers realm qualified
> ------------------------------------------------------------------------------------
>
>                 Key: QPID-7166
>                 URL: https://issues.apache.org/jira/browse/QPID-7166
>             Project: Qpid
>          Issue Type: New Feature
>          Components: Broker-J
>            Reporter: Keith Wall
>            Priority: Major
>              Labels: Broker-J-Identity
>             Fix For: Future
>
>
> Change the existing authentication providers/group providers to produce principals contain
a realm qualified names.
> The realm qualified name will be in the form: {noformat}{identity}@{realm}{noformat}
 The identity and realm will need to be encoded (how?).
> The formation of the realm name will follow Section 6 RFC-4120. Ultimately all authentication
and group providers will have an {{realmName}}.  The Broker will enforce a business rule that
all realm names are unique.
> Some authentication provides will capable of defaulting the realm name.  For instance,
an LDAP authentication provider might default its realm name to be the full qualified domain
name of the LDAP server itself.  If the provider has a default, this must be overridable,
to allow duplicate realm names to be avoided.
> https://cwiki.apache.org/confluence/display/qpid/Identity+in+the+Java+Broker



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message