[
https://issues.jboss.org/browse/ELY-527?page=com.atlassian.jira.plugin.sy...
]
David Lloyd commented on ELY-527:
---------------------------------
SSL session authorization is already an authorization (like
AnonymousAuthorizationCallback) so a redundant authorize should not be necessary.
That said if we're dropping this class in favor of proper scope auth, we'd need to
go back to using AuthorizeCallback again.
Handling of SSLSessionAuthorizationCallback is missing a call to
authorize()
----------------------------------------------------------------------------
Key: ELY-527
URL:
https://issues.jboss.org/browse/ELY-527
Project: WildFly Elytron
Issue Type: Bug
Components: SSL
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 1.1.0.Beta6
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)