[jboss-jira] [JBoss JIRA] (ELY-281) Investigate if it's possible to modify the OTP SASL mechanism and password implementation to make use of the credential verification API

Farah Juma (JIRA) issues at jboss.org
Tue Sep 1 16:53:05 EDT 2015


Farah Juma created ELY-281:
------------------------------

             Summary: Investigate if it's possible to modify the OTP SASL mechanism and password implementation to make use of the credential verification API
                 Key: ELY-281
                 URL: https://issues.jboss.org/browse/ELY-281
             Project: WildFly Elytron
          Issue Type: Feature Request
          Components: SASL
            Reporter: Farah Juma
            Assignee: Farah Juma


The main idea here is to be able to pass the guess that's being verified to the realm and have the realm handle updating the stored credential if verification succeeds.

Relevant chat discussion:

{quote}
[8:42 AM] Darran Lofthouse: @KabirKhan Ok, so you are trying to test OTP and require updates to be applied to the realm
[8:43 AM] Darran Lofthouse: One option is to update the ServerAuthenticationContext to make an update
[8:43 AM] Kabir Khan: That is what I had planned
[8:43 AM] Darran Lofthouse: I do also wonder if a second option may be to use the credential verification API we have instead so the credential being verified is passed into the realm and the realm can handle updates internally
[8:44 AM] Darran Lofthouse: although have not been in the credential in detail to see if this is possible
[8:44 AM] Kabir Khan: Possibly, I'd need to look at the code a bit better though
[8:44 AM] Kabir Khan: the first option is what stood out to me
[8:45 AM] Darran Lofthouse: the first option may match with how the credential and mech are currently implemented - but does risk us adding more and more behaviour to ServerAuthenticationContext
{quote}




--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
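
The second option from the discussion (the guess is passed into the realm, which verifies it and updates the stored credential itself), as an added sketch that is not part of the original issue and is not WildFly Elytron code. The class and method names (`OtpRealmSketch`, `verifyAndUpdate`, `enroll`) are hypothetical, the user and secret are constructed sample data, and plain SHA-256 stands in for the folded 64-bit digests of a real OTP hash chain.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;

// Added illustration: every name here is hypothetical, not WildFly Elytron API.
public class OtpRealmSketch {
    // Stored credential: the last accepted hash plus its sequence number.
    record OtpEntry(byte[] hash, int sequence) {}
    private final Map<String, OtpEntry> store = new HashMap<>();

    // Assumption: one SHA-256 pass replaces the real OTP digest-and-fold step.
    static byte[] h(byte[] in) {
        try {
            return MessageDigest.getInstance("SHA-256").digest(in);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }

    // Apply the hash n times to the secret to get the chain value at step n.
    static byte[] chain(String secret, int n) {
        byte[] v = secret.getBytes(StandardCharsets.UTF_8);
        for (int i = 0; i < n; i++) v = h(v);
        return v;
    }

    synchronized void enroll(String user, String secret, int sequence) {
        store.put(user, new OtpEntry(chain(secret, sequence), sequence));
    }

    // The realm receives the guess, checks that hashing it once yields the stored
    // value, and replaces the stored credential in the same synchronized step.
    synchronized boolean verifyAndUpdate(String user, byte[] guess) {
        OtpEntry e = store.get(user);
        if (e == null || e.sequence() <= 1) return false; // unknown user or chain exhausted
        if (!MessageDigest.isEqual(h(guess), e.hash())) return false;
        store.put(user, new OtpEntry(guess.clone(), e.sequence() - 1));
        return true;
    }

    public static void main(String[] args) {
        OtpRealmSketch realm = new OtpRealmSketch();
        realm.enroll("alice", "constructed-secret", 100); // constructed sample data
        byte[] guess = chain("constructed-secret", 99);
        System.out.println(realm.verifyAndUpdate("alice", guess)); // first use
        System.out.println(realm.verifyAndUpdate("alice", guess)); // replay of the same guess
    }
}
```

Because verification and the credential update happen together inside the realm, the caller never has to remember a separate update step, which is the growth in `ServerAuthenticationContext` behaviour the chat raises as a risk of the first option.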

