]
Darran Lofthouse updated SECURITY-671:
--------------------------------------
Assignee: (was: Darran Lofthouse)
Negotiation/SPNEGO: Fallback to authenticate Form/Basic with
ActiveDirectory
----------------------------------------------------------------------------
Key: SECURITY-671
URL:
https://issues.jboss.org/browse/SECURITY-671
Project: PicketBox
Issue Type: Feature Request
Security Level: Public(Everyone can see)
Environment: EAP 6.0.0 / JBossAS 7.1.2
Reporter: Jochen Riedlinger
Attachments: krb5.conf, Krb5TicketInitiator.java, LBankSPNEGOLoginModule.java,
part_of_standalone.xml
Since Version 4 of JBossAS we had our own implementations of a SPNEGOAuthenticator and
SPNEGOLoginModule. While trying to migrate to EAP 6 I wanted to switch to your
imlementation, because it is officially supported.
Unfortunately I find that your implementation is not yet finished because it lacks in a
fallback solution that is able to validate username/password from BASIC/FORM
authentication with ActiveDirectory.
Since I had this feature in my old implementation I want to offer to contribute it here
to the Negotiation component of the project (unfortunately there is no JIRA component for
Negotiation).
I think this would be valuable for anybody using SPNEGO.
My implementation would even word for remote-ejb-calls (with plain username password sent
OR when sending a kerberos ticket in the password field)
If you are interested I'll upload my code and configuration instructions (RedHat
employees can already see it in Support Case 00640390).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: