[jboss-jira] [JBoss JIRA] (ELY-252) Take into account username after failed authentication for available mechs
Darran Lofthouse (JIRA)
issues at jboss.org
Mon Aug 3 07:44:02 EDT 2015
Darran Lofthouse created ELY-252:
------------------------------------
Summary: Take into account username after failed authentication for available mechs
Key: ELY-252
URL: https://issues.jboss.org/browse/ELY-252
Project: WildFly Elytron
Issue Type: Task
Components: SASL
Reporter: Darran Lofthouse
Fix For: 1.0.0.Alpha4
This is something we would need to be cautious about as it does risk revealing information to an attacker but after a files attempt we may have more information and be able to offer mechanisms based on this.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list