I have been saying for a while that I need to raise a discussion
regarding the verification of Digest based requests against an
IdentityManager.
At the moment this is predominantly needed for Undertow although there
is also a need for same with SASL.
The following document describes the proposed use of the Undertow
IdentityManager API and the requirement for the implementation i.e. what
we would need from PicketLink IDM once wrapped in the WildFly integration: -
https://community.jboss.org/wiki/Undertow-IdentityManager-DigestAuthentic...
The three methods on the IdentityManager interface previously used for
Digest based authentication will all be removed.
An identity manager that can provide this capability will also be
compatible with SASL based authentication without needing to be aware of
the actual verification requirements within SASL.
Regards,
Darran Lofthouse.