[
https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy...
]
Darran Lofthouse resolved AS7-777.
----------------------------------
Fix Version/s: (was: 7.1.0.CR1)
Resolution: Deferred
Not a priority at the moment, will re-visit post 7.1.0
Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
---------------------------------------------------------------
Key: AS7-777
URL:
https://issues.jboss.org/browse/AS7-777
Project: Application Server 7
Issue Type: Task
Components: Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Allow the nonce strategy to be switchable: -
1 - Real 'Number Used Once' - i.e. new nonce for each request.
2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce
- new nonce on new connection.
3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be
accepted for a validity period.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see:
http://www.atlassian.com/software/jira