[jira] Created: (MDEPLOY-119) Allow pluggable authentication (using JAAS ?) so that the username and password to connect to a deployment repository can be generated by a Single Sign On-enabled client

Sat, 20 Mar 2010 04:56:54 -0700 

Allow pluggable authentication (using JAAS ?) so that the username and password 
to connect to a deployment repository can be generated by a Single Sign 
On-enabled client
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------

                 Key: MDEPLOY-119
                 URL: http://jira.codehaus.org/browse/MDEPLOY-119
             Project: Maven 2.x Deploy Plugin
          Issue Type: New Feature
          Components: deploy:deploy
    Affects Versions: 2.5
            Reporter: David Boden
            Priority: Minor


The username and password used to authenticate with the remote repository 
during deployment are stored in the user's settings.xml under the <servers/> 
structure. This structure allows a username and password to be specified, or 
for a .ssh private key to be specified.

It does not allow for pluggable single sign on, where a Java module (perhaps a 
JAAS LoginModule) is available on the client to generate a token in place of a 
password. Many corporates use this technique for other web applications, 
generating an LDAP token from the user's PC and verifying it against an LDAP 
server on the server side. It adds security by removing the need to pass the 
user's password over the wire.

This Jira is a request for a pluggable entry point for this single sign on 
module, perhaps by specifying a class name in the <server/> structure or by 
setting a system property. The solution could either define a new interface 
which Authentication Providers must implement or can use existing interfaces 
from JAAS, (Http) Authenticator or other frameworks.

Please feel free to move this item to the "Maven Wagon" component if you feel 
that's the best place to implement the feature. Alternatively, please also feel 
free to move to the generic "Maven 2&3" component if you think that the feature 
has wider scope than just deployment; perhaps to also authenticate using Single 
Sign On with an internal company's repository when *downloading* artifacts (as 
well as uploading).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to