[jboss-jira] [JBoss JIRA] (JGRP-1883) Extend SASL protocol to handle Quality of Protection
Tristan Tarrant (JIRA)
issues at jboss.org
Mon Sep 29 02:34:02 EDT 2014
[ https://issues.jboss.org/browse/JGRP-1883?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13006742#comment-13006742 ]
Tristan Tarrant commented on JGRP-1883:
---------------------------------------
Using SASL for authentication makes it extremely simple to integrate it with WildFly's security realm, thus ensuring that role management is homogenous with the rest of the platform. Unfortunately, because of the PtP nature of the SASL QoP infrastructure it is not suitable for efficient group communication. For this reason, I really see no point in trying to shoehorn SASL as a replacement for ENCRYPT, and I'd much rather spend time describing why it is not suitable.
> Extend SASL protocol to handle Quality of Protection
> -----------------------------------------------------
>
> Key: JGRP-1883
> URL: https://issues.jboss.org/browse/JGRP-1883
> Project: JGroups
> Issue Type: Feature Request
> Affects Versions: 3.5
> Reporter: Richard Achmatowicz
> Assignee: Bela Ban
> Fix For: 3.6
>
>
> SASL implementations generally provide authentication and encryption services to communication protocols.
> At present, the JGroups SASL protocol layer handles only authentication of a client joining a group; it does not support encryption of messages (unicast and multicast) passing through the SASL layer. This is presently handled by the separate ENCRYPT layer.
> It would be nice to provide an integrated and complete solution for authentication and encryption for JGroups based on SASL. This could be achieved by adding functionality from ENCRYPT to the SASL layer.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
More information about the jboss-jira
mailing list