You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-dev@axis.apache.org by "Boris Dushanov (JIRA)" <ji...@apache.org> on 2016/05/20 08:32:12 UTC

[jira] [Created] (RAMPART-433) Support for Kerberos v5 delegated authentication

Boris Dushanov created RAMPART-433:
--------------------------------------

             Summary: Support for Kerberos v5 delegated authentication
                 Key: RAMPART-433
                 URL: https://issues.apache.org/jira/browse/RAMPART-433
             Project: Rampart
          Issue Type: New Feature
          Components: rampart-core
    Affects Versions: 1.6.2
            Reporter: Boris Dushanov
             Fix For: 1.8.0


This support is based on the Kerberos v5 enhancement provided in RAMPART-417.
Kerberos delegation is supported in wss4j since 1.6.17 so this support requires upgrade from 1.6.16 to 1.6.17.The upgrade is smooth and requires no changes.
The changes in rampart uses the wss4j capabilities.It enhances rampart's kerberos configuration with two new settings - one for requesting a kerberos delegation credential and one for setting such. When the latter is set, rampart requests a Kerberos security token on behalf of the subject for which the credentials are.
The provided implementation also includes a corresponding integration test.An update to Apache DS 2.0 is needed because of an issue in 1.5.7 which is seen when delegation credential is requested.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org