[jboss-jira] [JBoss JIRA] (WFCORE-1100) One time password for management interfaces
Brian Stansberry (JIRA)
issues at jboss.org
Wed Nov 4 20:02:00 EST 2015
[ https://issues.jboss.org/browse/WFCORE-1100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Stansberry moved WFLY-760 to WFCORE-1100:
-----------------------------------------------
Project: WildFly Core (was: WildFly)
Key: WFCORE-1100 (was: WFLY-760)
Component/s: Domain Management
Security
(was: Domain Management)
(was: Security)
Fix Version/s: (was: Awaiting Volunteers)
> One time password for management interfaces
> -------------------------------------------
>
> Key: WFCORE-1100
> URL: https://issues.jboss.org/browse/WFCORE-1100
> Project: WildFly Core
> Issue Type: Task
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Labels: Common_Authentication
>
> This task is to look into one time password use for the management consoles.
> This needs some further investigation as there is a trade off between ensuring a password is really one time and not valid for replays after use yet allowing a users web browser to keep establishing connections without forcing a new authentication every few minutes.
> The native interface also needs similar consideration however the native interface does allow for connections to be kept open for a long time more naturally.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list