[jboss-jira] [JBoss JIRA] (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
Darran Lofthouse (Resolved) (JIRA)
jira-events at lists.jboss.org
Wed Nov 2 13:44:45 EDT 2011
[ https://issues.jboss.org/browse/AS7-777?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse resolved AS7-777.
----------------------------------
Fix Version/s: (was: 7.1.0.CR1)
Resolution: Deferred
Not a priority at the moment, will re-visit post 7.1.0
> Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
> ---------------------------------------------------------------
>
> Key: AS7-777
> URL: https://issues.jboss.org/browse/AS7-777
> Project: Application Server 7
> Issue Type: Task
> Components: Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
>
> Allow the nonce strategy to be switchable: -
> 1 - Real 'Number Used Once' - i.e. new nonce for each request.
> 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection.
> 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list