You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "David Jencks (JIRA)" <de...@geronimo.apache.org> on 2005/08/17 08:59:56 UTC
[jira] Created: (GERONIMO-883) We need a flag to indicate if login modules should have their principals wrapped or not
We need a flag to indicate if login modules should have their principals wrapped or not
---------------------------------------------------------------------------------------
Key: GERONIMO-883
URL: http://issues.apache.org/jira/browse/GERONIMO-883
Project: Geronimo
Type: Bug
Components: security
Versions: 1.0-M5
Reporter: David Jencks
Assigned to: David Jencks
Fix For: 1.0-M5
Currently we are wrapping all principals returned from a "user" login module, and no one really knows whether each login module gets its own Subject or the Subject is shared. We need to provide a flag in LoginModuleUse that selects either:
-- principals are wrapped and login module gets a new Subject
-- principals are not wrapped and login module gets a shared Subject.
The first is likely to be used for normal login modules that actually verify something based on user input, the second for things like auditing or mapping credentials for connectors where access to principals generated by other login modules is required.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-883) We need a flag to indicate if login modules should have their principals wrapped or not
Posted by "Aaron Mulder (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-883?page=comments#action_12359311 ]
Aaron Mulder commented on GERONIMO-883:
---------------------------------------
Isn't this done?!? I know we don't have it in the login-config.xsd, but otherwise I think this is ready to be tested.
> We need a flag to indicate if login modules should have their principals wrapped or not
> ---------------------------------------------------------------------------------------
>
> Key: GERONIMO-883
> URL: http://issues.apache.org/jira/browse/GERONIMO-883
> Project: Geronimo
> Type: Bug
> Components: security
> Versions: 1.0-M5
> Reporter: David Jencks
> Assignee: Alan Cabrera
> Fix For: 1.0
>
> Currently we are wrapping all principals returned from a "user" login module, and no one really knows whether each login module gets its own Subject or the Subject is shared. We need to provide a flag in LoginModuleUse that selects either:
> -- principals are wrapped and login module gets a new Subject
> -- principals are not wrapped and login module gets a shared Subject.
> The first is likely to be used for normal login modules that actually verify something based on user input, the second for things like auditing or mapping credentials for connectors where access to principals generated by other login modules is required.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Assigned: (GERONIMO-883) We need a flag to indicate if login modules should have their principals wrapped or not
Posted by "Alan Cabrera (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-883?page=all ]
Alan Cabrera reassigned GERONIMO-883:
-------------------------------------
Assign To: Alan Cabrera (was: David Jencks)
> We need a flag to indicate if login modules should have their principals wrapped or not
> ---------------------------------------------------------------------------------------
>
> Key: GERONIMO-883
> URL: http://issues.apache.org/jira/browse/GERONIMO-883
> Project: Geronimo
> Type: Bug
> Components: security
> Versions: 1.0-M5
> Reporter: David Jencks
> Assignee: Alan Cabrera
> Fix For: 1.0-M5
>
> Currently we are wrapping all principals returned from a "user" login module, and no one really knows whether each login module gets its own Subject or the Subject is shared. We need to provide a flag in LoginModuleUse that selects either:
> -- principals are wrapped and login module gets a new Subject
> -- principals are not wrapped and login module gets a shared Subject.
> The first is likely to be used for normal login modules that actually verify something based on user input, the second for things like auditing or mapping credentials for connectors where access to principals generated by other login modules is required.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Closed: (GERONIMO-883) We need a flag to indicate if login modules should have their principals wrapped or not
Posted by "David Jencks (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-883?page=all ]
David Jencks closed GERONIMO-883:
---------------------------------
Fix Version: 1.0
(was: 1.x)
Resolution: Fixed
This has been implemented for a long time, I don't know why alan didn't close it.
> We need a flag to indicate if login modules should have their principals wrapped or not
> ---------------------------------------------------------------------------------------
>
> Key: GERONIMO-883
> URL: http://issues.apache.org/jira/browse/GERONIMO-883
> Project: Geronimo
> Type: Bug
> Components: security
> Versions: 1.0-M5
> Reporter: David Jencks
> Assignee: Alan Cabrera
> Fix For: 1.0
>
> Currently we are wrapping all principals returned from a "user" login module, and no one really knows whether each login module gets its own Subject or the Subject is shared. We need to provide a flag in LoginModuleUse that selects either:
> -- principals are wrapped and login module gets a new Subject
> -- principals are not wrapped and login module gets a shared Subject.
> The first is likely to be used for normal login modules that actually verify something based on user input, the second for things like auditing or mapping credentials for connectors where access to principals generated by other login modules is required.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-883) We need a flag to indicate if login modules should have their principals wrapped or not
Posted by "Matt Hogstrom (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-883?page=all ]
Matt Hogstrom updated GERONIMO-883:
-----------------------------------
Fix Version: 1.x
(was: 1.0)
Moving to 1.x
> We need a flag to indicate if login modules should have their principals wrapped or not
> ---------------------------------------------------------------------------------------
>
> Key: GERONIMO-883
> URL: http://issues.apache.org/jira/browse/GERONIMO-883
> Project: Geronimo
> Type: Bug
> Components: security
> Versions: 1.0-M5
> Reporter: David Jencks
> Assignee: Alan Cabrera
> Fix For: 1.x
>
> Currently we are wrapping all principals returned from a "user" login module, and no one really knows whether each login module gets its own Subject or the Subject is shared. We need to provide a flag in LoginModuleUse that selects either:
> -- principals are wrapped and login module gets a new Subject
> -- principals are not wrapped and login module gets a shared Subject.
> The first is likely to be used for normal login modules that actually verify something based on user input, the second for things like auditing or mapping credentials for connectors where access to principals generated by other login modules is required.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-883) We need a flag to indicate if login modules should have their principals wrapped or not
Posted by "David Blevins (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-883?page=all ]
David Blevins updated GERONIMO-883:
-----------------------------------
Fix Version: 1.0
(was: 1.0-M5)
> We need a flag to indicate if login modules should have their principals wrapped or not
> ---------------------------------------------------------------------------------------
>
> Key: GERONIMO-883
> URL: http://issues.apache.org/jira/browse/GERONIMO-883
> Project: Geronimo
> Type: Bug
> Components: security
> Versions: 1.0-M5
> Reporter: David Jencks
> Assignee: Alan Cabrera
> Fix For: 1.0
>
> Currently we are wrapping all principals returned from a "user" login module, and no one really knows whether each login module gets its own Subject or the Subject is shared. We need to provide a flag in LoginModuleUse that selects either:
> -- principals are wrapped and login module gets a new Subject
> -- principals are not wrapped and login module gets a shared Subject.
> The first is likely to be used for normal login modules that actually verify something based on user input, the second for things like auditing or mapping credentials for connectors where access to principals generated by other login modules is required.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira