[jboss-jira] [JBoss JIRA] (REMJMX-74) REMJMX-65 Overzealous disabling local authentication

RH Bugzilla Integration (JIRA) jira-events at lists.jboss.org
Mon Oct 21 12:53:02 EDT 2013 

    [ https://issues.jboss.org/browse/REMJMX-74?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12823678#comment-12823678 ] 

RH Bugzilla Integration commented on REMJMX-74:
-----------------------------------------------

Darran Lofthouse <darran.lofthouse at redhat.com> made a comment on [bug 1021630|https://bugzilla.redhat.com/show_bug.cgi?id=1021630]

Description of problem:

Remoting JMX was enhanced to disable local authentication if a username and password is supplied or is a callback handler is supplied, the check involving the callback handler is too much as end users may want to supply the callback handler for use only if other authentication mechanisms fail.

Instead a configuration option will be added to cover the case where a CallbackHandler is supplied if the user wants to disable local authentication.
                
> REMJMX-65 Overzealous disabling local authentication
> ----------------------------------------------------
>
>                 Key: REMJMX-74
>                 URL: https://issues.jboss.org/browse/REMJMX-74
>             Project: Remoting JMX
>          Issue Type: Bug
>          Components: Connection
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>             Fix For: 1.1.2.CR1, 2.0.0.CR4
>
>
> REMJMX-65 is overzealous at disabling local authentication, if a username and credential is supplied in the environment then it does make sense to disable local authentication - however the availability of a callback handler is not a sufficient flag to also disable it.
> In the case of the callback handler the user may still only want to be prompted if the other mechanisms fail.
> This issue will remove the disabling of local authentication based on the presence of a callback handler and will instead add a configuration option that can be set on the environment.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list