[jboss-jira] [JBoss JIRA] Commented: (SECURITY-448) Fallback to BASIC authenticator if authentication fails

Jacob Orshalick (JIRA) jira-events at lists.jboss.org
Fri Dec 18 16:51:31 EST 2009 

    [ https://jira.jboss.org/jira/browse/SECURITY-448?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12500848#action_12500848 ] 

Jacob Orshalick commented on SECURITY-448:
------------------------------------------

For additional reference, the configuration elements are:

For login-config.xml,

<application-policy name="SPNEGO">
      <authentication>
        <login-module code="org.jboss.security.negotiation.spnego.SPNEGOLoginModule" flag="optional">
          <module-option name="password-stacking">useFirstPass</module-option>
          <module-option name="serverSecurityDomain">host</module-option>
        </login-module>
        <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
          <module-option name="password-stacking">useFirstPass</module-option>
          <module-option name="usersProperties">props/spnego-users.properties</module-option>
          <module-option name="rolesProperties">props/spnego-roles.properties</module-option>
        </login-module>
</application-policy>

where props/spnego-users.properties defines:

jacob=orshalick

and props/spnego-roles.properties defines:

jacob=Users

And for jboss-service.xml,

<java:property>
  <java:key>SPNEGO</java:key>
  <java:value>org.jboss.security.negotiation.NegotiationWithBasicFallbackAuthenticator</java:value>
</java:property>

If you need anything further to test out the patch, please let me know.  Thanks again!

> Fallback to BASIC authenticator if authentication fails
> -------------------------------------------------------
>
>                 Key: SECURITY-448
>                 URL: https://jira.jboss.org/jira/browse/SECURITY-448
>             Project: JBoss Security and Identity Management
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Negotiation
>            Reporter: Jacob Orshalick
>            Assignee: Darran Lofthouse
>         Attachments: jboss-negotiation-common-v1.patch, jboss-negotiation-spnego-v1.patch
>
>
> This issue is related to SECURITY-141, but is a request to allow fallback to BASIC authentication where SPNEGO is not supported.  As a side effect this should also allow username/password authentication where SPNEGO did not take place.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list