[ https://issues.apache.org/jira/browse/GERONIMO-4445?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Jencks closed GERONIMO-4445.
----------------------------------

    Resolution: Fixed

Implementation in rev 723240.  I added a "publish" flag to the SecurityRealm 
(default true) and a "publish anyway" flag to GeronimoLoginConfiguration 
(default false).  SimpleCredentialStore can have a collection of realms: if 
present it constructs a GeronimoLoginConfiguration using those realms with 
"publish anyway" true and uses it to log in the info to create the subjects.

> Make it possible to set up GeronimoLoginConfiguration instances containing 
> specific security realms and to exclude others.
> --------------------------------------------------------------------------------------------------------------------------
>
>                 Key: GERONIMO-4445
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4445
>             Project: Geronimo
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 2.2
>            Reporter: David Jencks
>            Assignee: David Jencks
>             Fix For: 2.2
>
>
> Currently there can really only be one GeronimoLoginConfiguration and it 
> finds out about all security realms.  There are several uses for additional 
> Configuration instances and for excluding security realms from the "default" 
> GeronimoLoginConfiguration:
> - run-as and default subject support require security realms to create the 
> subjects.  You might want these security realms to be only accessible through 
> CredentialStore instances and not externally: this allows setting up 
> privileged Subjects without a password.
> - jaspi auth modules can use JAAS by supplying a Configuration instance.  
> This will allow use of the GeronimoLoginConfiguration here.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
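
An added sketch of the visibility rule described in the resolution comment, using only the standard JAAS `Configuration` API. It is not Geronimo's code: `Realm`, `RealmLoginConfiguration`, the realm names and the login module class names are hypothetical stand-ins for SecurityRealm, GeronimoLoginConfiguration and a realm list held by a credential store.

```java
import java.util.*;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.login.Configuration;

public class RealmPublishDemo {
    // Hypothetical stand-in for a security realm carrying the "publish" flag.
    record Realm(String name, boolean publish, AppConfigurationEntry[] entries) {}

    // Hypothetical JAAS Configuration that only knows the realms handed to it.
    static class RealmLoginConfiguration extends Configuration {
        private final Map<String, AppConfigurationEntry[]> visible = new HashMap<>();

        RealmLoginConfiguration(Collection<Realm> realms, boolean publishAnyway) {
            for (Realm r : realms) {
                // An unpublished realm is reachable only when the owner opts in.
                if (r.publish() || publishAnyway) {
                    visible.put(r.name(), r.entries());
                }
            }
        }

        @Override
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            return visible.get(name); // null means no entries under this name
        }
    }

    static AppConfigurationEntry[] required(String loginModuleClass) {
        return new AppConfigurationEntry[] {
            new AppConfigurationEntry(loginModuleClass, LoginModuleControlFlag.REQUIRED, Map.of())
        };
    }

    static boolean canSee(Configuration c, String realm) {
        return c.getAppConfigurationEntry(realm) != null;
    }

    public static void main(String[] args) {
        // Constructed sample realms; the module class names are placeholders.
        Realm users = new Realm("users", true, required("example.PasswordLoginModule"));
        Realm runAs = new Realm("run-as", false, required("example.TrustedLoginModule"));

        Configuration dflt = new RealmLoginConfiguration(List.of(users, runAs), false);
        Configuration store = new RealmLoginConfiguration(List.of(runAs), true);

        System.out.println("default sees users:  " + canSee(dflt, "users"));
        System.out.println("default sees run-as: " + canSee(dflt, "run-as"));
        System.out.println("store sees run-as:   " + canSee(store, "run-as"));
    }
}
```

Because the passwordless realm is absent from the default configuration, a `LoginContext` built against that configuration cannot reach it by name; only code holding the store's private configuration can.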
