Keith Wall created QPID-7166:
--------------------------------
Summary: Make user/group names produced by authentication and
group providers realm qualified
Key: QPID-7166
URL: https://issues.apache.org/jira/browse/QPID-7166
Project: Qpid
Issue Type: New Feature
Components: Java Broker
Reporter: Keith Wall
Fix For: qpid-java-6.1
Change the existing authentication providers/group providers to produce
principals contain a realm qualified names.
The realm qualified name will be in the form {identity}@{realm}. The identity
and realm will need to be encoded (how?).
The formation of the realm name will follow Section 6 RFC-4120. Ultimately all
authentication and group providers will have an {{realmName}}. The Broker will
enforce a business rule that all realm names are unique.
Some authentication provides will capable of defaulting the realm name. For
instance, an LDAP authentication provider might default its realm name to be
the full qualified domain name of the LDAP server itself. If the provider has
a default, this must be overridable, to allow duplicate realm names to be avoid.
https://cwiki.apache.org/confluence/display/qpid/Identity+in+the+Java+Broker
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
