[jira] [Commented] (KNOX-641) Support CAS / OAuth / OpenID C / SAML protocols using pac4j

Tue, 15 Dec 2015 05:15:08 -0800 

    [ 
https://issues.apache.org/jira/browse/KNOX-641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15058033#comment-15058033
 ] 

Larry McCay commented on KNOX-641:
----------------------------------

* I think that @since tag is fine. Though it will need to change if it doesn't 
make it into 0.7.0. :)
* extracting getDomainName into the Urls utility class - when I added the check 
for domainSuffix I passed it because I saw that you extracted it in an earlier 
pull request. It should be easily moved now. Just note the domainSuffix idea 
that I added.
* If we can test for any of the pac4j provider assumptions with unit tests that 
would be great.
* Ultimately, I did open a new browser to move the CAS server instead of the 
testBasicAuth - which is what I expected. I do understand the intent of the 
testBasicAuth - I just question the value, given the ability as you mention and 
as the test CAS server has configured to do the same there.
* I'm not sure that we want to remove the pac4j identity context once we have a 
KnoxSSO cookie. I could probably be convinced that it is appropriate though.  
It would certainly address this concern but it would also constrain the 
underlying SSO session to the TTL of the KnoxSSO token. I think it should 
probably come down to the number of places that session lifetime needs to be 
configured. If it were central to the actual SSO solution that would be ideal 
and we should maintain the session as managed from there. If it ends up being 
distributed to the pac4j provider instances and we require lifetime 
configuration from both KnoxSSO and pac4j provider then it may be best to 
consolidate it to KnoxSSO.

> Support CAS / OAuth / OpenID C / SAML protocols using pac4j
> -----------------------------------------------------------
>
>                 Key: KNOX-641
>                 URL: https://issues.apache.org/jira/browse/KNOX-641
>             Project: Apache Knox
>          Issue Type: New Feature
>            Reporter: Jérôme Leleu
>            Assignee: Jérôme Leleu
>             Fix For: 0.7.0
>
>         Attachments: KNOX-641.patch
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to