[
https://jira.jboss.org/jira/browse/SECURITY-141?page=com.atlassian.jira.p...
]
Jacob Orshalick commented on SECURITY-141:
------------------------------------------
Hi Darran,
Is this ticket also related to falling back to a lesser WWW-Authenticate mechanism? (e.g.
Digest or Basic). I have implemented a solution that refactors the
NegotiationAuthenticator allowing the user to configure Basic fallback if they choose. In
addition, the solution makes it pretty simple to incorporate Digest fallback as well.
Would there be interest in this patch? If needed, I would be happy to create a separate
ticket and provide the implementation. Thanks!
Fallback to different authenticator if authentication fails
-----------------------------------------------------------
Key: SECURITY-141
URL:
https://jira.jboss.org/jira/browse/SECURITY-141
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: Negotiation
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: Negotiation_2.0.3.SP3
Need to consider how this will work especially regarding security domains, possible to do
something active directory - password-stacking and an LDAP login module that for
negotiation does just role mapping and for non negotiation also does authentication.
This issue is to allow fallback to FORM authentication where SPNEGO is not supported.
As a side effect this should also allow username/password authentication where SPNEGO did
not take place e.g. direct calls to EJBs from non web-tier.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira