[jboss-jira] [JBoss JIRA] (ELY-233) ServerAuthenticationContext callback handler special handling for AuthorizeCallback
David Lloyd (JIRA)
issues at jboss.org
Thu Jul 16 14:20:02 EDT 2015
David Lloyd created ELY-233:
-------------------------------
Summary: ServerAuthenticationContext callback handler special handling for AuthorizeCallback
Key: ELY-233
URL: https://issues.jboss.org/browse/ELY-233
Project: WildFly Elytron
Issue Type: Task
Components: API / SPI
Reporter: David Lloyd
The ServerAuthenticationContext's callback handler implementation currently handles each callback in order.
It should instead handle all callbacks in order *except* for the AuthorizeCallback, which it should handle last. This will make it somewhat resilient against SASL server mechanisms (and other server mechanisms) which incorrectly send in the authorize callback before finishing authentication.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list