You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Keith Wall (JIRA)" <ji...@apache.org> on 2016/02/23 11:37:18 UTC

[jira] [Created] (QPID-7092) User identity must be unique

Keith Wall created QPID-7092:
--------------------------------

             Summary: User identity must be unique
                 Key: QPID-7092
                 URL: https://issues.apache.org/jira/browse/QPID-7092
             Project: Qpid
          Issue Type: Improvement
          Components: Java Broker
            Reporter: Keith Wall


The Java Broker's model has an authentication provider associated with each port.  This means that a single Broker may be configured to use more than authentication provider at once.  For instance, it would be possible to use LDAP authentication for messaging connections and use OAUTH2 for management.

Currently a user's identity within the Broker represented by a simple name (string).  This approach gives rise to the possibility of a conflict: a user 'fred' from an authentication provider A may not be the same person as user 'fred' from authentication system B.  At the moment the group provider implementations and access control can not distinguish.  

Authentication providers need to have the ability to produce a unique stable identifier for each user.    Group providers and access control providers need a mechanism ability to act for only identities from a particular authentication provider source(s).  





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org