[jboss-dev-forums] [Design of Security on JBoss] - Re: SRP and SASL
david.lloyd@jboss.com
do-not-reply at jboss.com
Fri Oct 19 09:55:07 EDT 2007
"scott.stark at jboss.org" wrote : But can't you pass in the verifier as the "password'?
You could. That would be kind of ugly though. PasswordCallback sends in a char[]; you'd have to send in the verifier, salt, N, and generater values all encoded in the password somehow.
"scott.stark at jboss.org" wrote : I guess I would have to see what the current mapping of srp to sasl is. Is it checked in somewhere?
I hadn't bothered checking it in because it doesn't actually *work* yet. But on the other hand, that hasn't stopped me before, so...
https://svn.jboss.org/repos/sandbox/david.lloyd/remoting3/core-proto/impl/src/main/java/org/jboss/cx/remoting/core/security/sasl
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4096984#4096984
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4096984
More information about the jboss-dev-forums
mailing list