[
https://issues.jboss.org/browse/WFCORE-1100?page=com.atlassian.jira.plugi...
]
Brian Stansberry moved WFLY-760 to WFCORE-1100:
-----------------------------------------------
Project: WildFly Core (was: WildFly)
Key: WFCORE-1100 (was: WFLY-760)
Component/s: Domain Management
Security
(was: Domain Management)
(was: Security)
Fix Version/s: (was: Awaiting Volunteers)
One time password for management interfaces
-------------------------------------------
Key: WFCORE-1100
URL:
https://issues.jboss.org/browse/WFCORE-1100
Project: WildFly Core
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Labels: Common_Authentication
This task is to look into one time password use for the management consoles.
This needs some further investigation as there is a trade off between ensuring a password
is really one time and not valid for replays after use yet allowing a users web browser to
keep establishing connections without forcing a new authentication every few minutes.
The native interface also needs similar consideration however the native interface does
allow for connections to be kept open for a long time more naturally.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)