[
https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy...
]
Darran Lofthouse updated AS7-777:
---------------------------------
Fix Version/s: 7.3.0.Alpha1
(was: 7.2.0.Alpha1)
Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
---------------------------------------------------------------
Key: AS7-777
URL:
https://issues.jboss.org/browse/AS7-777
Project: Application Server 7
Issue Type: Task
Components: Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Labels: Common_Authentication
Fix For: 7.3.0.Alpha1
Allow the nonce strategy to be switchable: -
1 - Real 'Number Used Once' - i.e. new nonce for each request.
2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce
- new nonce on new connection.
3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be
accepted for a validity period.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:
http://www.atlassian.com/software/jira