Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.0.3, 2.1.0
    • Component/s: client, console, core
    • Labels:

      Description

      Since the beginning, access to the REST services is protected via Basic Authentication, with credentials sent along each and every request.

      As improvement, we can switch to an architecture where there is an explicit REST service for obtaining some sort of token (requiring credentials) and then all other REST services can be accessed by sending along such token instead of credentials.
      This will ease future works for enabling SSO via SAML, OAuth 2.0 or other standards.

      About the token format, it seems that JSON Web Tokens are quite the default choice, especially considering the support that CXF already provides for that.

        Issue Links

          Activity

          Hide
          jira-bot ASF subversion and git services added a comment -

          Commit 521f51a9dd2face373ed7437837a8de82a609675 in syncope's branch refs/heads/2_0_X from Francesco Chicchiriccò
          [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=521f51a ]

          SYNCOPE-1035 Using JWT as authentication mean, obtained via initial call

          Show
          jira-bot ASF subversion and git services added a comment - Commit 521f51a9dd2face373ed7437837a8de82a609675 in syncope's branch refs/heads/2_0_X from Francesco Chicchiriccò [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=521f51a ] SYNCOPE-1035 Using JWT as authentication mean, obtained via initial call
          Hide
          jira-bot ASF subversion and git services added a comment -

          Commit 32af0320d9d426bb34fc5a69287b5e19a0630ad3 in syncope's branch refs/heads/master from Francesco Chicchiriccò
          [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=32af032 ]

          SYNCOPE-1035 Using JWT as authentication mean, obtained via initial call

          Show
          jira-bot ASF subversion and git services added a comment - Commit 32af0320d9d426bb34fc5a69287b5e19a0630ad3 in syncope's branch refs/heads/master from Francesco Chicchiriccò [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=32af032 ] SYNCOPE-1035 Using JWT as authentication mean, obtained via initial call
          Hide
          jira-bot ASF subversion and git services added a comment -

          Commit bb40af42ad9bb11c7f2a0c413096b6e601a63a63 in syncope's branch refs/heads/2_0_X from Francesco Chicchiriccò
          [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=bb40af4 ]

          SYNCOPE-1035 Adding support for Admin Console

          Show
          jira-bot ASF subversion and git services added a comment - Commit bb40af42ad9bb11c7f2a0c413096b6e601a63a63 in syncope's branch refs/heads/2_0_X from Francesco Chicchiriccò [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=bb40af4 ] SYNCOPE-1035 Adding support for Admin Console
          Hide
          ilgrosso Francesco Chicchiriccò added a comment -

          Apparently missing:

          Commit 7004b84a150f456044e95ac5c83edfa8f8db9c59 in syncope's branch refs/heads/master from Francesco Chicchiriccò
          [ https://git1-us-west.apache.org/repos/asf?p=syncope.git;a=commit;h=7004b84a ]
          SYNCOPE-1035 Adding support for Admin Console

          Show
          ilgrosso Francesco Chicchiriccò added a comment - Apparently missing: Commit 7004b84a150f456044e95ac5c83edfa8f8db9c59 in syncope's branch refs/heads/master from Francesco Chicchiriccò [ https://git1-us-west.apache.org/repos/asf?p=syncope.git;a=commit;h=7004b84a ] SYNCOPE-1035 Adding support for Admin Console
          Hide
          jira-bot ASF subversion and git services added a comment -

          Commit 86a2a4ebe4d08d8d6053f88c860b55f40606c826 in syncope's branch refs/heads/2_0_X from Francesco Chicchiriccò
          [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=86a2a4e ]

          SYNCOPE-1035 Some documentation

          Show
          jira-bot ASF subversion and git services added a comment - Commit 86a2a4ebe4d08d8d6053f88c860b55f40606c826 in syncope's branch refs/heads/2_0_X from Francesco Chicchiriccò [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=86a2a4e ] SYNCOPE-1035 Some documentation
          Hide
          jira-bot ASF subversion and git services added a comment -

          Commit 52badc4b9e8afa4b5042ba19c19e570c926dad88 in syncope's branch refs/heads/master from Francesco Chicchiriccò
          [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=52badc4 ]

          SYNCOPE-1035 Some documentation

          Show
          jira-bot ASF subversion and git services added a comment - Commit 52badc4b9e8afa4b5042ba19c19e570c926dad88 in syncope's branch refs/heads/master from Francesco Chicchiriccò [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=52badc4 ] SYNCOPE-1035 Some documentation
          Hide
          jira-bot ASF subversion and git services added a comment -

          Commit 8814549ee2297f6353e115c77f968bf5be403e71 in syncope's branch refs/heads/2_0_X from Francesco Chicchiriccò
          [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=8814549 ]

          SYNCOPE-1035 Fix for console logout

          Show
          jira-bot ASF subversion and git services added a comment - Commit 8814549ee2297f6353e115c77f968bf5be403e71 in syncope's branch refs/heads/2_0_X from Francesco Chicchiriccò [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=8814549 ] SYNCOPE-1035 Fix for console logout
          Hide
          jira-bot ASF subversion and git services added a comment -

          Commit 2b06bafc58ccc0d2b9a1be137f0965ff111b08d4 in syncope's branch refs/heads/master from Francesco Chicchiriccò
          [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=2b06baf ]

          SYNCOPE-1035 Fix for console logout

          Show
          jira-bot ASF subversion and git services added a comment - Commit 2b06bafc58ccc0d2b9a1be137f0965ff111b08d4 in syncope's branch refs/heads/master from Francesco Chicchiriccò [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=2b06baf ] SYNCOPE-1035 Fix for console logout
          Hide
          ilgrosso Francesco Chicchiriccò added a comment -

          Bulk close for 2.0.3

          Show
          ilgrosso Francesco Chicchiriccò added a comment - Bulk close for 2.0.3

            People

            • Assignee:
              ilgrosso Francesco Chicchiriccò
              Reporter:
              ilgrosso Francesco Chicchiriccò
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development