[jboss-jira] [JBoss JIRA] (AS7-4218) Additional optimisation for SASL / JAAS integration when non-JAAS realm used for authentication
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Mon Mar 19 11:16:47 EDT 2012
Darran Lofthouse created AS7-4218:
-------------------------------------
Summary: Additional optimisation for SASL / JAAS integration when non-JAAS realm used for authentication
Key: AS7-4218
URL: https://issues.jboss.org/browse/AS7-4218
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Remoting, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Fix For: 7.1.2.Final
The JAAS based authentication and related caching makes an assumption that a username and password is available for the authentication process - where a user has already been authenticated using a SASL mechanisms this is most likely not the case e.g. Digest, Kerberos...
To bridge this gap we create a fake username and password before the JAAS call - this task is to optimise that so that if a connection is held open the same generated username and password should be used so that any cached value can be used without triggering a JAAS auth for each call.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list