[jboss-jira] [JBoss JIRA] (ELY-124) Java 8+ supports unbound SASL servers; GSSAPI and DIGEST-MD5 both use this value
David Lloyd (JIRA)
issues at jboss.org
Thu Nov 13 23:30:30 EST 2014
[ https://issues.jboss.org/browse/ELY-124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Lloyd updated ELY-124:
----------------------------
Description:
Since Java 8, the SaslServerFactory interface has been changed so that the serverName may be null. If null, the server name is considered "unbound" and the client can select what server name it wants to use.
The release notes say:
{quote}
SASL service for multiple host names: When creating a SASL server, the server name can be set to null to denote an unbound server, which means a client can request for the service using any server name. After a context is established, the server can retrieve the name as a negotiated property with the key name SASL.BOUND_SERVER_NAME. See RFE 7110803.
{quote}
The updated JavaDoc says:
{quote}
serverName - The fully qualified host name of the server to authenticate to, or null if the server is not bound to any specific host name. If the mechanism does not allow an unbound server, a SaslException will be thrown.
{quote}
The RFE link is: http://bugs.java.com/bugdatabase/view_bug.do?bug_id=7110803
The two SASL mechanisms in Elytron that would be impacted by this are DIGEST-MD5 and GSSAPI.
was:
Since Java 8, the SaslServerFactory interface has been changed so that the serverName may be null. If null, the server name is considered "unbound" and the client can select what server name it wants to use.
The release notes say:
{quote}
SASL service for multiple host names: When creating a SASL server, the server name can be set to null to denote an unbound server, which means a client can request for the service using any server name. After a context is established, the server can retrieve the name as a negotiated property with the key name SASL.BOUND_SERVER_NAME. See RFE 7110803.
{quote}
The RFE link is: http://bugs.java.com/bugdatabase/view_bug.do?bug_id=7110803
The two SASL mechanisms in Elytron that would be impacted by this are DIGEST-MD5 and GSSAPI.
> Java 8+ supports unbound SASL servers; GSSAPI and DIGEST-MD5 both use this value
> --------------------------------------------------------------------------------
>
> Key: ELY-124
> URL: https://issues.jboss.org/browse/ELY-124
> Project: WildFly Elytron
> Issue Type: Task
> Components: SASL
> Reporter: David Lloyd
> Assignee: Darran Lofthouse
>
> Since Java 8, the SaslServerFactory interface has been changed so that the serverName may be null. If null, the server name is considered "unbound" and the client can select what server name it wants to use.
> The release notes say:
> {quote}
> SASL service for multiple host names: When creating a SASL server, the server name can be set to null to denote an unbound server, which means a client can request for the service using any server name. After a context is established, the server can retrieve the name as a negotiated property with the key name SASL.BOUND_SERVER_NAME. See RFE 7110803.
> {quote}
> The updated JavaDoc says:
> {quote}
> serverName - The fully qualified host name of the server to authenticate to, or null if the server is not bound to any specific host name. If the mechanism does not allow an unbound server, a SaslException will be thrown.
> {quote}
> The RFE link is: http://bugs.java.com/bugdatabase/view_bug.do?bug_id=7110803
> The two SASL mechanisms in Elytron that would be impacted by this are DIGEST-MD5 and GSSAPI.
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
More information about the jboss-jira
mailing list