[jboss-jira] [JBoss JIRA] (AS7-1401) Domain Managent - Support for client choosing auth mechanism

Domain Managent - Support for client choosing auth mechanism ------------------------------------------------------------ Key: AS7-1401 URL: https://issues.jboss.org/browse/AS7-1401 Project: Application Server 7 Issue Type: Task Components: Domain Management, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.CR1 Consideration is needed first as there are potential risks - however we should look at what it will take to allow clients to choose from list of auth mechansisms. AS7-1372 is to look at adding Kerberos support, however this can mean all clients need to also support it so we may need to allow some clients to fallback to a username/password based mechanism. The authorization scheme still needs further consideration however it is anticipated that the authentication mechansism will also be taken into account, this could mean that for clients that have chosen username / password auth their capabilities are restricted.