[security-dev] Undertow / IdentityManager and Digest Authentication

Darran Lofthouse darran.lofthouse at jboss.com
Tue Apr 30 05:24:28 EDT 2013

I have been saying for a while that I need to raise a discussion 
regarding the verification of Digest based requests against an 

At the moment this is predominantly needed for Undertow although there 
is also a need for same with SASL.

The following document describes the proposed use of the Undertow 
IdentityManager API and the requirement for the implementation i.e. what 
we would need from PicketLink IDM once wrapped in the WildFly integration: -


The three methods on the IdentityManager interface previously used for 
Digest based authentication will all be removed.

An identity manager that can provide this capability will also be 
compatible with SASL based authentication without needing to be aware of 
the actual verification requirements within SASL.

Darran Lofthouse.

More information about the security-dev mailing list