[jboss-jira] [JBoss JIRA] (ELY-175) SASL mechanism availability should take into account credential support.
Darran Lofthouse (JIRA)
issues at jboss.org
Fri Apr 10 14:47:18 EDT 2015
Darran Lofthouse created ELY-175:
------------------------------------
Summary: SASL mechanism availability should take into account credential support.
Key: ELY-175
URL: https://issues.jboss.org/browse/ELY-175
Project: WildFly Elytron
Issue Type: Feature Request
Components: SASL
Reporter: Darran Lofthouse
Fix For: 1.0.0.Alpha1
One of the main reasons for having a getCredentialSupport API is so that we select appropriate authentication mechanisms based on the credentials available to us or the level of validation possible.
This should also consider advertising all variants of a mechanism or strongest only.
I will mention it here but we may want as a separate task some form of downgrade detection as this could be a sign of a malicious MITM.
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
More information about the jboss-jira
mailing list