[jboss-jira] [JBoss JIRA] (ELY-233) ServerAuthenticationContext callback handler special handling for AuthorizeCallback
David Lloyd (JIRA)
issues at jboss.org
Tue Oct 6 22:28:00 EDT 2015
[ https://issues.jboss.org/browse/ELY-233?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Lloyd resolved ELY-233.
-----------------------------
Fix Version/s: 1.1.0.Alpha1
(was: 1.1.0.Alpha2)
Assignee: Kabir Khan
Resolution: Done
Kabir more or less solved this back in July.
> ServerAuthenticationContext callback handler special handling for AuthorizeCallback
> -----------------------------------------------------------------------------------
>
> Key: ELY-233
> URL: https://issues.jboss.org/browse/ELY-233
> Project: WildFly Elytron
> Issue Type: Task
> Components: API / SPI
> Reporter: David Lloyd
> Assignee: Kabir Khan
> Fix For: 1.1.0.Alpha1
>
>
> The ServerAuthenticationContext's callback handler implementation currently handles each callback in order.
> It should instead handle all callbacks in order *except* for the AuthorizeCallback, which it should handle last. This will make it somewhat resilient against SASL server mechanisms (and other server mechanisms) which incorrectly send in the authorize callback before finishing authentication.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list