Farah Juma created ELY-281: ------------------------------ Summary: Investigate if it's possible to modify the OTP SASL mechanism and password implementation to make use of the credential verification API Key: ELY-281 URL: https://issues.jboss.org/browse/ELY-281 Project: WildFly Elytron Issue Type: Feature Request Components: SASL Reporter: Farah Juma Assignee: Farah Juma The main idea here is to be able to pass the guess that's being verified to the realm and have the realm handle updating the stored credential if verification succeeds. Relevant chat discussion: {quote} \[8:42 AM\] Darran Lofthouse: @KabirKhan Ok, so you are trying to test OTP and require updates to be applied to the realm \[8:43 AM\] Darran Lofthouse: One option is to update the ServerAuthenticationContext to make an update \[8:43 AM\] Kabir Khan: That is what I had planned \[8:43 AM\] Darran Lofthouse: I do also wonder if a second option may be to use the credential verification API we have instead so the credential being verified is passed into the realm and the realm can handle updates internally \[8:44 AM\] Darran Lofthouse: although have not been in the credential in detail to see if this is possible \[8:44 AM\] Kabir Khan: Possibly, I'd need to look at the code a bit better though \[8:44 AM\] Kabir Khan: the first option is what stood out to me \[8:45 AM\] Darran Lofthouse: the first option may match with how the credential and mech are currently implemented - but does risk us adding more and more behaviour to ServerAuthenticationContext {quote} -- This message was sent by Atlassian JIRA (v6.3.15#6346)