[KNOX-655] Pac4j Provider Client Selection from client_name Query Parameter - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.8.0
Component/s: Server
Labels:
None

Description

From dev@ list:

"In pac4j, we have a callback controller which uses the client_name
parameter to finish the login process and a protection filter which
protects a resource and redirects the user to the identity provider for
login. Since pac4j 1.8, most libraries using it now accept a client_name
parameter in the protection filter as well to choose the authentication
mechanism to use if the user is not authenticated.

With Knox, this feature (choosing the authentication mechanism with the
client_name parameter) is not available as this parameter is already used
to define if it's a callback or an access. This could be changed and we
could opt for a new convention, like a new pac4jCallback parameter to say
if it's a callback or not. And this way, you could choose on the fly which
authentication mechanism you want to use."

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

KNOX-655-002.patch
26/Jan/16 02:17
12 kB
Larry McCay
knox655.patch
25/Jan/16 11:45
12 kB
Jérôme LELEU

Issue Links

is related to

KNOX-2291 Improve WebAppSec docs around cors.enabled

Resolved

Activity

People

Assignee:: Jérôme LELEU

Reporter:: Larry McCay

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 21/Jan/16 14:01

Updated:: 13/Mar/20 14:33

Resolved:: 26/Jan/16 18:36