[jboss-jira] [JBoss JIRA] Updated: (SECURITY-141) Fallback to different authenticator if authentication fails

Darran Lofthouse (JIRA) jira-events at lists.jboss.org
Tue Aug 18 07:16:38 EDT 2009 

     [ https://jira.jboss.org/jira/browse/SECURITY-141?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse updated SECURITY-141:
--------------------------------------

    Fix Version/s: Negotiation_2.0.3.SP2
                       (was: Negotiation_2.0.4.GA)
      Description: 
Need to consider how this will work especially regarding security domains, possible to do something active directory - password-stacking and an LDAP login module that for negotiation does just role mapping and for non negotiation also does authentication.

This issue is to allow fallback to FORM authentication where SPNEGO is not supported.
As a side effect this should also allow username/password authentication where SPNEGO did not take place e.g. direct calls to EJBs from non web-tier.

  was:Need to consider how this will work especially regarding security domains, possible to do something active directory - password-stacking and an LDAP login module that for negotiation does just role mapping and for non negotiation also does authentication.



> Fallback to different authenticator if authentication fails
> -----------------------------------------------------------
>
>                 Key: SECURITY-141
>                 URL: https://jira.jboss.org/jira/browse/SECURITY-141
>             Project: JBoss Security and Identity Management
>          Issue Type: Task
>      Security Level: Public(Everyone can see) 
>          Components: Negotiation
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>             Fix For: Negotiation_2.0.3.SP2
>
>
> Need to consider how this will work especially regarding security domains, possible to do something active directory - password-stacking and an LDAP login module that for negotiation does just role mapping and for non negotiation also does authentication.
> This issue is to allow fallback to FORM authentication where SPNEGO is not supported.
> As a side effect this should also allow username/password authentication where SPNEGO did not take place e.g. direct calls to EJBs from non web-tier.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list