[jboss-jira] [JBoss JIRA] (ELY-234) Implement SPKM-1 GSS mechanism and GSS-K7XIDASOVRG3BZSQ and GS2-DT4PIK22T6APV2PY SASL mechanisms

David Lloyd (JIRA) issues at jboss.org
Tue Jul 21 15:12:02 EDT 2015 

    [ https://issues.jboss.org/browse/ELY-234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13091466#comment-13091466 ] 

David Lloyd commented on ELY-234:
---------------------------------

It should be possible, after https://github.com/wildfly-security/wildfly-elytron/pull/245 is merged, to create a GSSManager subclass which implements the SPKM-* family of mechanisms.  Then, to add these mechanisms to the global offering, implementations of {{SaslClientFactory}} and {{SaslServerFactory}} can be added which have {{@MetaInfServices}} annotations and which delegate to {{Gs2Sasl*Factory}} with the custom GSSManager subclass.

> Implement SPKM-1 GSS mechanism and GSS-K7XIDASOVRG3BZSQ and GS2-DT4PIK22T6APV2PY SASL mechanisms
> ------------------------------------------------------------------------------------------------
>
>                 Key: ELY-234
>                 URL: https://issues.jboss.org/browse/ELY-234
>             Project: WildFly Elytron
>          Issue Type: Task
>          Components: SASL
>            Reporter: David Lloyd
>
> Implement the "Simple Private Key" GSSAPI mechanism.  This can be done in one of two ways:
> # Implement SPKM as a GSSAPI mechanism, and let the GSSAPI and GS2 SASL mechanism factories automatically pick it out.
> # Implement SPKM directly in SASL as "GS2-DT4PIK22T6APV2PY" and do not provide GSSAPI support for other GSSAPI consumers.
> SPKM-1 supports unilateral and mutual authentication using keys.  SPKM-3 supports key-based server authentication and password-based client authentication.
> Background reading:
> * The Simple Public-Key GSS-API Mechanism (SPKM): https://tools.ietf.org/html/rfc2025
> * Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family: https://tools.ietf.org/html/rfc5801
> * LIPKEY - A Low Infrastructure Public Key Mechanism Using SPKM: https://tools.ietf.org/html/rfc2847 (also referred to as SPKM-3)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

More information about the jboss-jira mailing list