[GitHub] activemq-artemis pull request #1388: ARTEMIS-1264 allow role mapping via cha...

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[GitHub] activemq-artemis pull request #1388: ARTEMIS-1264 allow role mapping via cha...

franz1981
GitHub user gtully opened a pull request:

    https://github.com/apache/activemq-artemis/pull/1388

    ARTEMIS-1264 allow role mapping via chained login modules

    Add krb5sslloginmodule that will populate userPrincipal that can be mapped to roles independently
    Generalised callback handlers to take a connection and pull certs or peerprincipal based on
    callback. This bubbled up into api change in securitystore and security manager

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/gtully/activemq-artemis ARTEMIS-1264-RoleMapping

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/activemq-artemis/pull/1388.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1388
   
----
commit 2c83408d0dc1d3bc7897a33f31bd110284c1150b
Author: gtully <[hidden email]>
Date:   2017-07-06T15:54:57Z

    ARTEMIS-1264 allow role mapping via chained login modules
   
    Add krb5sslloginmodule that will populate userPrincipal that can be mapped to roles independently
    Generalised callback handlers to take a connection and pull certs or peerprincipal based on
    callback. This bubbled up into api change in securitystore and security manager

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [hidden email] or file a JIRA ticket
with INFRA.
---
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[GitHub] activemq-artemis issue #1388: ARTEMIS-1264 allow role mapping via chained lo...

franz1981
Github user gtully commented on the issue:

    https://github.com/apache/activemq-artemis/pull/1388
 
    note there are some api changes in the mix here, in place of cert[] the connection is passed in. This allows lower levels to pull certs or peer info from the connection on demand. Which in turn allows chaining of login modules. The unit test now works b/c the krbloginModule provides the authenticated user and the properties login module provides the roll mapping


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [hidden email] or file a JIRA ticket
with INFRA.
---
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[GitHub] activemq-artemis pull request #1388: ARTEMIS-1264 allow role mapping via cha...

franz1981
In reply to this post by franz1981
Github user asfgit closed the pull request at:

    https://github.com/apache/activemq-artemis/pull/1388


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [hidden email] or file a JIRA ticket
with INFRA.
---
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[GitHub] activemq-artemis issue #1388: ARTEMIS-1264 allow role mapping via chained lo...

franz1981
In reply to this post by franz1981
Github user gtully commented on the issue:

    https://github.com/apache/activemq-artemis/pull/1388
 
    there is a regression in: org.apache.activemq.artemis.tests.integration.amqp.AmqpSecurityTest.testSendAndRejected
    org.apache.activemq.artemis.core.security.SecurityAuth#getRemotingConnection passing back a null remotingConnection - this needs a little revisit.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [hidden email] or file a JIRA ticket
with INFRA.
---
Loading...