[jboss-jira] [JBoss JIRA] (WFLY-1239) A Negotiated HTTP Authenticator

[Darran Lofthouse (JIRA)]

     [ https://issues.jboss.org/browse/WFLY-1239?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse resolved WFLY-1239.
------------------------------------

    Resolution: Out of Date


WildFly has moved to Undertow which already supports multiple authentication mechanisms.
                
> A Negotiated HTTP Authenticator
> -------------------------------
>
>                 Key: WFLY-1239
>                 URL: https://issues.jboss.org/browse/WFLY-1239
>             Project: WildFly
>          Issue Type: Task
>          Components: Domain Management, Security
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>              Labels: Common_Authentication
>
> Historically we have become constrained by an assumption that there should be a single authentication mechanism assigned to a web application.
> The HTTP specification however allows for multiple mechanisms to be used in parallel - this task is to investigate the feasibility of writing a single authenticator that is compatible with both JBoss Web and the Sun HTTP server used within AS7 to support a negotiated authentication using a single authenticator backed by a CallbackHandler based realm.
> The most common example is fallback from SPNEGO to a username / password based mechanism but for domain management we have also a case of trying to use CLIENT-CERT authentication first and then fallback if that is not possible.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira