Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-383

Update ServerAuthenticationContext to carry an identity from start to end

    XMLWordPrintable

Details

    • Task
    • Resolution: Done
    • Major
    • None
    • None
    • API / SPI
    • None
    • Medium

    Description

      The ServerAuthenticationContext should capture the identity in force for its domain when it is constructed. Any authorization attempt should always apply to the current identity - either the captured identity, or whatever the last successfully authorized identity was in the context.

      The attached state diagram should accurately summarize how authorization identity flows through. Authentication identity is only available during the "NAME ASSIGNED" state; once authorization occurs, the authentication identity is no longer useful and is disposed.

      Attachments

        Activity

          People

            dlloyd@redhat.com David Lloyd
            dlloyd@redhat.com David Lloyd
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: