[jboss-jira] [JBoss JIRA] Commented: (SECURITY-448) Fallback to BASIC authenticator if authentication fails

Jacob Orshalick (JIRA) jira-events at lists.jboss.org
Wed Jan 6 13:38:30 EST 2010 

    [ https://jira.jboss.org/jira/browse/SECURITY-448?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12502556#action_12502556 ] 

Jacob Orshalick commented on SECURITY-448:
------------------------------------------

Hi Vladimir,

I agree that this feature would be nice as I am currently stripping the @DOMAIN part through a custom extension.  This would be another ticket though, so I would recommend opening a separate feature request for this. I would be happy to provide a patch for the feature if it helps.

Just as a note for your request, I would prefer to have the "useDomainQualifedUserNames" option on the SPNEGOLoginModule instead.  This way no matter what additional login modules you use (LDAP, Database, etc), you can be assured that the username will not include the domain.  Thoughts?

> Fallback to BASIC authenticator if authentication fails
> -------------------------------------------------------
>
>                 Key: SECURITY-448
>                 URL: https://jira.jboss.org/jira/browse/SECURITY-448
>             Project: JBoss Security and Identity Management
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Negotiation
>            Reporter: Jacob Orshalick
>            Assignee: Darran Lofthouse
>         Attachments: jboss-negotiation-common-v1.patch, jboss-negotiation-common-v1.patch, jboss-negotiation-common-v2.patch, jboss-negotiation-spnego-v1.patch
>
>
> This issue is related to SECURITY-141, but is a request to allow fallback to BASIC authentication where SPNEGO is not supported.  As a side effect this should also allow username/password authentication where SPNEGO did not take place.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list