Bind the Tokens to a secure authentication mechanism
In order to make tokens non-bearer tokens, we need to provide a way to ensure that only the user to whom the token was issued can use it. The simplest way to do that is to use an X509 client certificate and bind the token to the channel. The token can then embed a unique identifier for the certificate.
Kerberos will work as well. In that case, the token is bound to the Principal.
Blueprint information
- Status: Complete
- Approver: None
- Priority: Medium
- Drafter: Adam Young
- Direction: Needs approval
- Assignee: Jamie Lennox
- Definition: Review
- Series goal: None
- Implementation: Implemented
- Milestone target: 2013.2
- Started by: Jamie Lennox
- Completed by: Dolph Mathews
Whiteboard
Work is underway. Please add concerns/
Is the Unique Identifier for the certificate the DN?
At the moment I am not setting any restrictions on an identifier for working with certificates. The DN doesn't typically provide uniqueness, but depending on the organization I could see that it could be unique. The most common method of achieving uniqueness is the issuer + serial number; I would prefer to do a hash of the certificate. There isn't any reason I can see to restrict this; it could easily be configurable.
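As an added illustration of the binding described in the blueprint summary (embedding a certificate identifier or Kerberos principal in the token) and of the whiteboard preference for a certificate hash over the DN, here is example code that is not part of Keystone or of this blueprint. The `bind` dictionary layout, the function names and the SHA-256 choice are assumptions made for the example; the certificate bytes are constructed placeholders standing in for DER-encoded client certificates taken from the TLS channel.

```python
import hashlib
import hmac
from typing import Optional

# Constructed sample inputs: stand-ins for DER-encoded client certificates.
# Real certificates would be the bytes presented on the TLS channel; these are
# placeholder byte strings so the example runs offline.
CLIENT_CERT_DER = b"CONSTRUCTED-DER-BYTES-client-alice"
OTHER_CERT_DER = b"CONSTRUCTED-DER-BYTES-client-mallory"


def cert_fingerprint(cert_der: bytes) -> str:
    """Unique identifier for a certificate: a hash over its DER bytes.

    Hashing the whole certificate (assumed SHA-256 here) avoids relying on the
    DN, which the whiteboard notes is not guaranteed to be unique.
    """
    return hashlib.sha256(cert_der).hexdigest()


def issue_token(user_id: str, *, x509_der: Optional[bytes] = None,
                kerberos_principal: Optional[str] = None) -> dict:
    """Mint a token and embed the credential the caller authenticated with.

    The `bind` layout is an assumption for this example, not Keystone's format.
    """
    token = {"user_id": user_id, "bind": {}}
    if x509_der is not None:
        token["bind"]["x509"] = cert_fingerprint(x509_der)
    if kerberos_principal is not None:
        token["bind"]["kerberos"] = kerberos_principal
    return token


def validate_bound_token(token: dict, *, presented_cert_der: Optional[bytes] = None,
                         presented_principal: Optional[str] = None) -> bool:
    """Accept the token only if the request carries the credential it is bound to.

    A bound token presented without (or with a different) credential is rejected;
    that is what turns it from a bearer token into a non-bearer token. Unknown
    bind types fail closed.
    """
    bind = token.get("bind") or {}
    if not bind:
        return True  # unbound token keeps ordinary bearer semantics
    for method, expected in bind.items():
        if method == "x509":
            if presented_cert_der is None:
                return False
            actual = cert_fingerprint(presented_cert_der)
            if not hmac.compare_digest(actual.encode(), expected.encode()):
                return False
        elif method == "kerberos":
            if presented_principal is None:
                return False
            if not hmac.compare_digest(presented_principal.encode(), expected.encode()):
                return False
        else:
            return False
    return True


if __name__ == "__main__":
    tok = issue_token("alice", x509_der=CLIENT_CERT_DER)
    print("same cert accepted:", validate_bound_token(tok, presented_cert_der=CLIENT_CERT_DER))
    print("other cert rejected:", not validate_bound_token(tok, presented_cert_der=OTHER_CERT_DER))
    print("no cert rejected:", not validate_bound_token(tok))
```

The comparison uses `hmac.compare_digest` so that a replayed token cannot be matched against a fingerprint by timing, and any bind type the validator does not understand causes rejection rather than silent acceptance.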
Gerrit topic: https:/
Addressed by: https:/
Implement Token Binding.
Gerrit topic: https:/
Addressed by: https:/
Pluggable Remote User
Gerrit topic: https:/
Addressed by: https:/
Fix XML rendering with empty auth payload.