Details
-
Feature Request
-
Resolution: Unresolved
-
Major
-
None
-
None
Description
The IdentityManager interface included within Undertow is not intended as a general purpose identity manager to cover all conceivable scenarios, it's purpose is to identify the methods that must be implemented by an IdentityManager that is going to be used with the standard authentication mechanisms supported by Undertow.
Making the IdentityManager available from the SecurityContext gives the impression it is general purpose. Instead it should be attached to the Exchanged using a pre-agreed key.
Should more complex mechanisms subsequently be provided they can obtain whatever identity manager implementation they require from the exchange as attached by the WildFly integration.
