[JBoss JIRA] (ELY-1410) Digest auth uses single use nonces, causing browsers to replay every request
by Stuart Douglas (JIRA)
[ https://issues.jboss.org/browse/ELY-1410?page=com.atlassian.jira.plugin.s... ]
Stuart Douglas moved JBEAP-13527 to ELY-1410:
---------------------------------------------
Project: WildFly Elytron (was: JBoss Enterprise Application Platform)
Key: ELY-1410 (was: JBEAP-13527)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: HTTP
(was: Security)
> Digest auth uses single use nonces, causing browsers to replay every request
> ----------------------------------------------------------------------------
>
> Key: ELY-1410
> URL: https://issues.jboss.org/browse/ELY-1410
> Project: WildFly Elytron
> Issue Type: Bug
> Components: HTTP
> Reporter: Stuart Douglas
> Assignee: Stuart Douglas
> Priority: Blocker
>
> The results in every single request being retried. This has two negative impacts. The extra request adds a round trip which hurts response time on high latency connections. Additionally large posts have double the bandwidth consumption and can be interpreted as failures. For example a 300 mb upload in the console would likely lead to the user assuming a hang.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 9 months
[JBoss JIRA] (ELY-1410) Digest auth does not support nonce count, causing browsers to replay every request
by Stuart Douglas (JIRA)
[ https://issues.jboss.org/browse/ELY-1410?page=com.atlassian.jira.plugin.s... ]
Stuart Douglas updated ELY-1410:
--------------------------------
Summary: Digest auth does not support nonce count, causing browsers to replay every request (was: Digest auth uses single use nonces, causing browsers to replay every request)
> Digest auth does not support nonce count, causing browsers to replay every request
> ----------------------------------------------------------------------------------
>
> Key: ELY-1410
> URL: https://issues.jboss.org/browse/ELY-1410
> Project: WildFly Elytron
> Issue Type: Bug
> Components: HTTP
> Reporter: Stuart Douglas
> Assignee: Stuart Douglas
> Priority: Blocker
>
> The results in every single request being retried. This has two negative impacts. The extra request adds a round trip which hurts response time on high latency connections. Additionally large posts have double the bandwidth consumption and can be interpreted as failures. For example a 300 mb upload in the console would likely lead to the user assuming a hang.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 9 months
[JBoss JIRA] (ELY-1385) Add option to override the TrustManager within <authentication-client ></authentication>
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-1385?page=com.atlassian.jira.plugin.s... ]
Darran Lofthouse updated ELY-1385:
----------------------------------
Summary: Add option to override the TrustManager within <authentication-client ></authentication> (was: Add option to override the KeyManager and TrustManager within <authentication-client />)
> Add option to override the TrustManager within <authentication-client ></authentication>
> ----------------------------------------------------------------------------------------
>
> Key: ELY-1385
> URL: https://issues.jboss.org/browse/ELY-1385
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Authentication Client
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.2.0.Beta7
>
>
> At the moment we can reference an alias from a KeyStore and reference a complete KeyStore for use by the TrustManager but there is not option to override which key and trust managers are actually enabled.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 9 months