[jboss-jira] [JBoss JIRA] (ELY-527) Handling of SSLSessionAuthorizationCallback is missing a call to authorize()
David Lloyd (JIRA)
issues at jboss.org
Thu May 5 08:53:00 EDT 2016
[ https://issues.jboss.org/browse/ELY-527?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13201564#comment-13201564 ]
David Lloyd commented on ELY-527:
---------------------------------
SSL session authorization is already an authorization (like AnonymousAuthorizationCallback) so a redundant authorize should not be necessary.
That said if we're dropping this class in favor of proper scope auth, we'd need to go back to using AuthorizeCallback again.
> Handling of SSLSessionAuthorizationCallback is missing a call to authorize()
> ----------------------------------------------------------------------------
>
> Key: ELY-527
> URL: https://issues.jboss.org/browse/ELY-527
> Project: WildFly Elytron
> Issue Type: Bug
> Components: SSL
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.1.0.Beta6
>
>
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list