[jboss-jira] [JBoss JIRA] (SECURITY-448) Fallback to BASIC authenticator if authentication fails

Andrew Davie (JIRA) jira-events at lists.jboss.org
Thu Jan 26 09:08:49 EST 2012 

    [ https://issues.jboss.org/browse/SECURITY-448?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12662168#comment-12662168 ] 

Andrew Davie commented on SECURITY-448:
---------------------------------------

I voted this up as I am basically looking for:
1) fallback login method
2) stripping domain from domain qualified names, or at least allowing the functionality other ldap adapters seem to support, e.g. %u.
3) being able to overide SSO and log in with an alternate method.

We basically have an AD we want to authenticate against with SSO. But sometimes we would like to do the same but not with SSO, i.e. like with LDAP. This can be for various reasons, e.g. SSO not supported (for whatever reason), SSO not supported as client not in the domain, or for simple support reasons, or demo/test reasons.




                
> Fallback to BASIC authenticator if authentication fails
> -------------------------------------------------------
>
>                 Key: SECURITY-448
>                 URL: https://issues.jboss.org/browse/SECURITY-448
>             Project: PicketBox (JBoss Security and Identity Management)
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Negotiation
>            Reporter: Jacob Orshalick
>            Assignee: Darran Lofthouse
>             Fix For: Negotiation_2.1.1
>
>         Attachments: jboss-negotiation-common-v1.patch, jboss-negotiation-common-v1.patch, jboss-negotiation-common-v2.patch, jboss-negotiation-spnego-v1.patch
>
>
> This issue is related to SECURITY-141, but is a request to allow fallback to BASIC authentication where SPNEGO is not supported.  As a side effect this should also allow username/password authentication where SPNEGO did not take place.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list