Jan Kalina updated ELY-1536:
----------------------------
Description:
Server sends "stale=true" when an invalid nonce is used.
Client should repeat authentication with the new nonce, but it ignores it instead.
RFC 2831:
{panel}
If the response is valid, the server MAY choose to deem that
authentication has succeeded. However, if it has been too long since
the previous authentication, or for any other reason, the server MAY
send a new "digest-challenge" with a new value for nonce. The
challenge MAY contain a "stale" directive with value "true", which
says that the client may respond to the challenge using the password
it used in the previous response; otherwise, the client must solicit
the password anew from the user. This permits the server to make sure
that the user has presented their password recently. (The directive
name refers to the previous nonce being stale, not to the last use of
the password.) Except for the handling of "stale", after sending the
"digest-challenge" authentication proceeds as in the case of initial
authentication.
{panel}
was:
Server sends "stale=true" when invalid nonce is used.
Client should repeat authentication with new nonce, but it ignores it instead.
DigestSaslClient parses but ignores "stale" param
-------------------------------------------------
Key: ELY-1536
URL:
https://issues.jboss.org/browse/ELY-1536
Project: WildFly Elytron
Issue Type: Bug
Components: SASL
Affects Versions: 1.2.3.Final
Reporter: Jan Kalina
Assignee: Jan Kalina
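The behaviour the issue asks for, as an added example that is not WildFly Elytron's code: a minimal DIGEST-MD5 (RFC 2831, algorithm=md5-sess, qop=auth) server and client. The server re-challenges with stale=true when it receives a response that is valid but computed over a nonce that is no longer current; the client honours the directive by recomputing the response with the new nonce and the password it already holds, and only prompts for a password again when stale is absent. The server's stale policy, the realm, user, password and digest-uri values are constructed for the example.

```python
import hashlib
import secrets
from typing import Callable, Dict, List, Tuple


def parse_directives(text: str) -> Dict[str, str]:
    """Split a digest-challenge / digest-response into name=value directives.
    Values are either quoted (backslash escapes allowed) or bare tokens."""
    result: Dict[str, str] = {}
    i, n = 0, len(text)
    while i < n:
        while i < n and text[i] in ", \t\r\n":   # skip separators
            i += 1
        eq = text.find("=", i)
        if i >= n or eq == -1:
            break
        name = text[i:eq].strip().lower()
        i = eq + 1
        if i < n and text[i] == '"':
            i += 1
            chars: List[str] = []
            while i < n and text[i] != '"':
                if text[i] == "\\" and i + 1 < n:
                    i += 1
                chars.append(text[i])
                i += 1
            i += 1                                 # consume closing quote
            result[name] = "".join(chars)
        else:
            end = text.find(",", i)
            end = n if end == -1 else end
            result[name] = text[i:end].strip()
            i = end
    return result


def digest_response(username, realm, password, nonce, cnonce, nc, qop, digest_uri) -> str:
    """RFC 2831 response-value for algorithm=md5-sess, qop=auth, no authzid."""
    def h(b: bytes) -> str:
        return hashlib.md5(b).hexdigest()
    a1 = hashlib.md5(f"{username}:{realm}:{password}".encode()).digest() \
        + f":{nonce}:{cnonce}".encode()
    a2 = f"AUTHENTICATE:{digest_uri}".encode()
    return h(f"{h(a1)}:{nonce}:{nc}:{cnonce}:{qop}:{h(a2)}".encode())


class DigestServer:
    def __init__(self, realm: str, users: Dict[str, str]):
        self.realm, self.users = realm, users
        self.issued: set = set()      # every nonce handed out
        self.current = ""             # the only nonce still accepted without re-challenge

    def challenge(self, stale: bool = False) -> str:
        self.current = secrets.token_hex(16)
        self.issued.add(self.current)
        text = f'realm="{self.realm}",nonce="{self.current}",qop="auth",charset=utf-8,algorithm=md5-sess'
        return text + ",stale=true" if stale else text

    def verify(self, response: str) -> Tuple[str, str]:
        d = parse_directives(response)
        pw = self.users.get(d.get("username", ""))
        if pw is None or d.get("nonce") not in self.issued:
            return ("fail", "")
        expected = digest_response(d["username"], d["realm"], pw, d["nonce"],
                                   d["cnonce"], d["nc"], d["qop"], d["digest-uri"])
        if not secrets.compare_digest(expected, d.get("response", "")):
            return ("fail", "")      # wrong password: never signal stale for an invalid response
        if d["nonce"] != self.current:
            # Valid, but over an outdated nonce (assumed policy): re-challenge with stale=true
            return ("stale", self.challenge(stale=True))
        return ("ok", "")


class DigestClient:
    def __init__(self, username: str, digest_uri: str, ask_password: Callable[[], str]):
        self.username, self.digest_uri, self.ask_password = username, digest_uri, ask_password
        self._password = None         # password from the previous response, if any

    def respond(self, challenge: str) -> str:
        c = parse_directives(challenge)
        stale = c.get("stale", "").lower() == "true"
        # stale=true means the previous nonce expired, not the password: reuse it.
        if not (stale and self._password is not None):
            self._password = self.ask_password()
        cnonce, nc, qop = secrets.token_hex(16), "00000001", "auth"
        resp = digest_response(self.username, c["realm"], self._password,
                               c["nonce"], cnonce, nc, qop, self.digest_uri)
        return (f'username="{self.username}",realm="{c["realm"]}",nonce="{c["nonce"]}",'
                f'cnonce="{cnonce}",nc={nc},qop={qop},digest-uri="{self.digest_uri}",'
                f'response={resp},charset=utf-8')


def run_exchange(nonce_rotated: bool) -> Dict[str, object]:
    """Full exchange; nonce_rotated=True makes the server move on before the first response."""
    prompts: List[int] = []
    def ask() -> str:                 # constructed credential, counts how often the user is asked
        prompts.append(1)
        return "s3cret"
    server = DigestServer("example.org", {"alice": "s3cret"})
    client = DigestClient("alice", "imap/mail.example.org", ask)
    first = server.challenge()
    if nonce_rotated:
        server.challenge()            # the nonce in `first` is now outdated
    status, reissued = server.verify(client.respond(first))
    rounds = 1
    if status == "stale":
        status, _ = server.verify(client.respond(reissued))
        rounds = 2
    return {"status": status, "rounds": rounds, "prompts": len(prompts)}


if __name__ == "__main__":
    print(run_exchange(False))        # one round, one prompt
    print(run_exchange(True))         # stale re-challenge, two rounds, still one prompt
```

With a rotated nonce the exchange succeeds in a second round without asking the user for the password again, which is exactly what a client that dropped the stale directive could not do.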
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)