Uploaded image for project: 'Apache Knox'
  1. Apache Knox
  2. KNOX-655

Pac4j Provider Client Selection from client_name Query Parameter

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.8.0
    • Component/s: Server
    • Labels:
      None

      Description

      From dev@ list:

      "In pac4j, we have a callback controller which uses the client_name
      parameter to finish the login process and a protection filter which
      protects a resource and redirects the user to the identity provider for
      login. Since pac4j 1.8, most libraries using it now accept a client_name
      parameter in the protection filter as well to choose the authentication
      mechanism to use if the user is not authenticated.

      With Knox, this feature (choosing the authentication mechanism with the
      client_name parameter) is not available as this parameter is already used
      to define if it's a callback or an access. This could be changed and we
      could opt for a new convention, like a new pac4jCallback parameter to say
      if it's a callback or not. And this way, you could choose on the fly which
      authentication mechanism you want to use."

        Attachments

        1. KNOX-655-002.patch
          12 kB
          Larry McCay
        2. knox655.patch
          12 kB
          Jérôme LELEU

          Issue Links

            Activity

              People

              • Assignee:
                jleleu Jérôme LELEU
                Reporter:
                lmccay Larry McCay
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: