]
Farah Juma reassigned ELY-558:
------------------------------
Assignee: Farah Juma
Introduce generalized support for authentication timeout of
mechanisms
----------------------------------------------------------------------
Key: ELY-558
URL:
https://issues.jboss.org/browse/ELY-558
Project: WildFly Elytron
Issue Type: Enhancement
Components: Authentication Mechanisms, Utils
Reporter: David Lloyd
Assignee: Farah Juma
Fix For: 1.1.0.Beta6
Paraphrasing from HipChat discussion.
Generic mechanism wrappers for handling authentication timeout will not only support
OTP-style credential read-modify-write authentication mechanisms, but generally avoid
certain DoS conditions and failure states that would be associated with long locking of
credentials (even in the read case).
This issue is to implement a wrapping mechanism factory (for at least SASL and possibly
HTTP as well, eventually) which supports authentication timeout by judicious usage of
concurrency primitives and timed executors. It is important to guarantee thread-safe
access to the underlying mechanism, which are generally concurrency-unsafe.