[jboss-jira] [JBoss JIRA] (ELY-252) Take into account username after failed authentication for available mechs
Darran Lofthouse (JIRA)
issues at jboss.org
Tue Oct 13 10:54:03 EDT 2015
[ https://issues.jboss.org/browse/ELY-252?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated ELY-252:
---------------------------------
Fix Version/s: 1.1.0.Alpha3
(was: 1.1.0.Alpha2)
> Take into account username after failed authentication for available mechs
> --------------------------------------------------------------------------
>
> Key: ELY-252
> URL: https://issues.jboss.org/browse/ELY-252
> Project: WildFly Elytron
> Issue Type: Task
> Components: SASL
> Reporter: Darran Lofthouse
> Fix For: 1.1.0.Alpha3
>
>
> This is something we would need to be cautious about as it does risk revealing information to an attacker but after a files attempt we may have more information and be able to offer mechanisms based on this.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list