[jboss-jira] [JBoss JIRA] (WFLY-460) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
[
https://issues.jboss.org/browse/WFLY-460?page=com.atlassian.jira.plugin.s...
]
Jason Greene updated WFLY-460:
------------------------------
Assignee: Darran Lofthouse (was: Scott Marlow)
Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
---------------------------------------------------------------
Key: WFLY-460
URL: https://issues.jboss.org/browse/WFLY-460
Project: WildFly
Issue Type: Task
Components: Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Labels: Common_Authentication
Fix For: 8.0.0.Alpha1
Allow the nonce strategy to be switchable: -
1 - Real 'Number Used Once' - i.e. new nonce for each request.
2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce
- new nonce on new connection.
3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be
accepted for a validity period.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira