[jboss-jira] [JBoss JIRA] (WFCORE-1100) One time password for management interfaces
Darran Lofthouse (JIRA)
issues at jboss.org
Thu Nov 10 06:52:02 EST 2016
[ https://issues.jboss.org/browse/WFCORE-1100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse resolved WFCORE-1100.
--------------------------------------
Fix Version/s: 3.0.0.Alpha13
Assignee: Darran Lofthouse
Resolution: Out of Date
Management authentication is being migrated to WildFly Elytron so OTP support will be considered there.
> One time password for management interfaces
> -------------------------------------------
>
> Key: WFCORE-1100
> URL: https://issues.jboss.org/browse/WFCORE-1100
> Project: WildFly Core
> Issue Type: Task
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Labels: Common_Authentication
> Fix For: 3.0.0.Alpha13
>
>
> This task is to look into one time password use for the management consoles.
> This needs some further investigation as there is a trade off between ensuring a password is really one time and not valid for replays after use yet allowing a users web browser to keep establishing connections without forcing a new authentication every few minutes.
> The native interface also needs similar consideration however the native interface does allow for connections to be kept open for a long time more naturally.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list