[JBPAPP-8140] Propagation of the Kerberos identity from server to server - JBoss Issue Tracker

XML

Word

Printable

Details

Type: Enhancement
Status: Closed (View Workflow)
Priority: Major
Resolution: Done
Affects Version/s: EAP_EWP 5.1.2
Fix Version/s: EAP_EWP 5.2.0
Component/s: Security
Labels:
None

Affects:

Release Notes
Release Notes Text:

Hide
An enhancement has been made to JBoss Negotiation when configured as an authentication source. If a client authenticates to the server using a forwardable Kerberos ticket then the client's credentials can be accessed on the server using the JBoss Negotiation API and used for further calls (delegation using GSSAPI, WS-Kerberos, credential propagation for EJB calls etc.).

Show
An enhancement has been made to JBoss Negotiation when configured as an authentication source. If a client authenticates to the server using a forwardable Kerberos ticket then the client's credentials can be accessed on the server using the JBoss Negotiation API and used for further calls (delegation using GSSAPI, WS-Kerberos, credential propagation for EJB calls etc.).
Release Notes Docs Status:
Documented as Feature Request
Docs QE Status:
NEW

Description

Customers want to use JBoss Negotiation to authenticate users against an Active Directory domain and have the Kerberos identity propagated to other JBoss servers.

The kerberos identity established by JBoss Negotiation should be stored in such a way that the identity can be propagated to remote servers.

Gliffy Diagrams

Attachments

Activity

People

Assignee:

Darran Lofthouse

Reporter:

Derek Horton

Writer:

Russell Dickenson

Votes:

1 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

16/Feb/12 10:39 AM

Updated:

26/Sep/12 12:40 AM

Resolved:

26/Sep/12 12:40 AM