[JBoss JIRA] Created: (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

[JBoss JIRA] (AS7-4196) Update the...

[JBoss JIRA] (AS7-2771)...

Darran Lofthouse (JIRA)

Friday, 13 May 2011 Fri, 13 May '11

9:06 p.m.

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.0.0.CR1 Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Show replies by date

Darran Lofthouse (JIRA)

Thursday, 16 June Thu, 16 Jun

5:32 p.m.

New subject: [JBoss JIRA] Updated: (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

[ https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated AS7-777: --------------------------------- Fix Version/s: 7.1.0.Alpha1 (was: 7.0.0.CR1) Component/s: Security Need to re-visit along with SASL mechanisms used by Remoting i.e. can we make the strategy pluggable there?

...

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.Alpha1 Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Darran Lofthouse (JIRA)

Friday, 22 July Fri, 22 Jul

1:59 p.m.

New subject: [JBoss JIRA] Updated: (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

[ https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated AS7-777: --------------------------------- Fix Version/s: 7.1.0.Beta1 (was: 7.1.0.Alpha1)

...

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.Beta1 Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Darran Lofthouse (JIRA)

Tuesday, 20 September Tue, 20 Sep

11:29 a.m.

New subject: [JBoss JIRA] Updated: (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

[ https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated AS7-777: --------------------------------- Fix Version/s: 7.1.0.Beta1 (was: 7.1.0.Alpha1)

...

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.Beta1 Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Darran Lofthouse (Updated) (JIRA)

Thursday, 6 October Thu, 6 Oct

4:32 p.m.

New subject: [JBoss JIRA] (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

[ https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated AS7-777: --------------------------------- Fix Version/s: 7.1.0.CR1 (was: 7.1.0.Beta1)

...

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.CR1 Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.

-- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

Darran Lofthouse (Resolved) (JIRA)

Wednesday, 2 November Wed, 2 Nov

6:44 p.m.

New subject: [JBoss JIRA] (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

[ https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse resolved AS7-777. ---------------------------------- Fix Version/s: (was: 7.1.0.CR1) Resolution: Deferred Not a priority at the moment, will re-visit post 7.1.0

...

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.

Darran Lofthouse (JIRA)

Tuesday, 8 May Tue, 8 May

12:27 p.m.

New subject: [JBoss JIRA] (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

[ https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse reopened AS7-777: ----------------------------------

...

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Labels: Common_Authentication Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.

Darran Lofthouse (JIRA)

12:27 p.m.

New subject: [JBoss JIRA] (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

[ https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated AS7-777: --------------------------------- Fix Version/s: 7.2.0.Alpha1

...

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Labels: Common_Authentication Fix For: 7.2.0.Alpha1 Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.

Darran Lofthouse (JIRA)

Wednesday, 31 October Wed, 31 Oct

4:33 p.m.

New subject: [JBoss JIRA] (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator

[ https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated AS7-777: --------------------------------- Fix Version/s: 7.3.0.Alpha1 (was: 7.2.0.Alpha1)

...

Switchable Nonce Handling Strategy for HTTP DigestAuthenticator --------------------------------------------------------------- Key: AS7-777 URL: https://issues.jboss.org/browse/AS7-777 Project: Application Server 7 Issue Type: Task Components: Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Labels: Common_Authentication Fix For: 7.3.0.Alpha1 Allow the nonce strategy to be switchable: - 1 - Real 'Number Used Once' - i.e. new nonce for each request. 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection. 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.

-- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

4195

days inactive

4732

days old

jboss-jira@lists.jboss.org

Manage subscription

8 comments

3 participants

tags (0)

participants (3)

Darran Lofthouse (JIRA)
Darran Lofthouse (Resolved) (JIRA)
Darran Lofthouse (Updated) (JIRA)

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[JBoss JIRA] Created: (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator