[jboss-jira] [JBoss JIRA] (ELY-175) SASL mechanism availability should take into account credential support.

Friday, 10 April 2015

Darran Lofthouse created ELY-175:
------------------------------------

             Summary: SASL mechanism availability should take into account credential
support.
                 Key: ELY-175
                 URL: https://issues.jboss.org/browse/ELY-175
             Project: WildFly Elytron
          Issue Type: Feature Request
          Components: SASL
            Reporter: Darran Lofthouse
             Fix For: 1.0.0.Alpha1

One of the main reasons for having a getCredentialSupport API is so that we select
appropriate authentication mechanisms based on the credentials available to us or the
level of validation possible.

This should also consider advertising all variants of a mechanism or strongest only.

I will mention it here but we may want as a separate task some form of downgrade detection
as this could be a sign of a malicious MITM.

--
This message was sent by Atlassian JIRA
(v6.3.11#6341)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-jira] [JBoss JIRA] (ELY-175) SASL mechanism availability should take into account credential support.