[jboss-jira] [JBoss JIRA] (ELY-374) Ambiguous application of CredentialCallback
David Lloyd (JIRA)
issues at jboss.org
Wed Nov 18 19:48:00 EST 2015
[ https://issues.jboss.org/browse/ELY-374?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13130556#comment-13130556 ]
David Lloyd edited comment on ELY-374 at 11/18/15 7:47 PM:
-----------------------------------------------------------
I think the main deciding factor on using a peer {{CredentialCallback}} versus a {{VerifyPeerTrustedCallback}} is, if you have a {{NameCallback}} which provides the peer name in advance, then use {{CredentialCallback}} (or {{EvidenceVerifyCallback}}), else {{VerifyPeerTrustedCallback}}.
What makes {{NameCallback}} special is that on the client side, it's used to query the local callback handler to get the name to send to the peer, i.e. it's a local name. On the server side, it is used to tell the callback handler what name the client is using, i.e. it's a peer name. There isn't a flag to distinguish the cases.
was (Author: dmlloyd):
I think the main deciding factor on using a peer {{CredentialCallback}} versus a {{VerifyPeerTrustedCallback}} is, if you have a {{NameCallback}} for the peer, then use {{CredentialCallback}} (or {{EvidenceVerifyCallback}}), else {{VerifyPeerTrustedCallback}}.
What makes {{NameCallback}} special is that on the client side, it's used to query the local callback handler to get the name to send to the peer, i.e. it's a local name. On the server side, it is used to tell the callback handler what name the client is using, i.e. it's a peer name. There isn't a flag to distinguish the cases.
> Ambiguous application of CredentialCallback
> -------------------------------------------
>
> Key: ELY-374
> URL: https://issues.jboss.org/browse/ELY-374
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Mechanisms, Callbacks, SASL
> Reporter: David Lloyd
> Priority: Critical
> Fix For: 1.1.0.Beta3
>
>
> We have a problem where there is an ambiguous application of {{CredentialCallback}}.
> On the client, this callback is used to acquire the credential to use for outbound authentication. On the server, it is used in two ways:
> * For most authentication, it is used to acquire the credential that is used to verify the client identity.
> * For Entity authentication, it is used to acquire the credential that is used to identify the server to the client.
> The reason Entity can get away with this special behavior is that it uses the {{VerifyPeerTrustedCallback}} instead of {{CredentialCallback}} for checking the peer. Unfortunately, it is not easy for a callback handler to know when {{CredentialCallback}} is being used for the host identity versus the authenticating user identity. This needs to be solved ASAP so that we can have server mechanisms that present a host identity as well as acquiring a credential for user authentication.