[jboss-jira] [JBoss JIRA] Updated: (SECURITY-141) Fallback to different authenticator if authentication fails
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Sat Nov 27 14:08:30 EST 2010
[ https://jira.jboss.org/browse/SECURITY-141?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated SECURITY-141:
--------------------------------------
Fix Version/s: Negotiation_2.0.4
> Fallback to different authenticator if authentication fails
> -----------------------------------------------------------
>
> Key: SECURITY-141
> URL: https://jira.jboss.org/browse/SECURITY-141
> Project: PicketBox (JBoss Security and Identity Management)
> Issue Type: Task
> Security Level: Public(Everyone can see)
> Components: Negotiation
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: Negotiation_2.0.3.SP4 , Negotiation_2.0.4
>
>
> Need to consider how this will work especially regarding security domains, possible to do something active directory - password-stacking and an LDAP login module that for negotiation does just role mapping and for non negotiation also does authentication.
> This issue is to allow fallback to FORM authentication where SPNEGO is not supported.
> As a side effect this should also allow username/password authentication where SPNEGO did not take place e.g. direct calls to EJBs from non web-tier.
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list