[jboss-jira] [JBoss JIRA] (WFLY-460) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Wed Apr 24 06:29:56 EDT 2013
[ https://issues.jboss.org/browse/WFLY-460?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFLY-460:
----------------------------------
Fix Version/s: 9.0.0.CR1
(was: 8.0.0.Alpha1)
> Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
> ---------------------------------------------------------------
>
> Key: WFLY-460
> URL: https://issues.jboss.org/browse/WFLY-460
> Project: WildFly
> Issue Type: Task
> Components: Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: Common_Authentication
> Fix For: 9.0.0.CR1
>
>
> Allow the nonce strategy to be switchable: -
> 1 - Real 'Number Used Once' - i.e. new nonce for each request.
> 2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection.
> 3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list