[jboss-jira] [JBoss JIRA] (WFLY-9607) Remove DigestAuthenticationMechanism code duplication between Wildfly, Undertow and Elytron

[Darran Lofthouse (JIRA)]

    [ https://issues.jboss.org/browse/WFLY-9607?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13504082#comment-13504082 ] 

Darran Lofthouse commented on WFLY-9607:
----------------------------------------

The legacy implementation is to support integration with the PicketBox login modules due to the differences in the APIs to get the required credentials into the LoginModule - PicketBox has been deprecated so that code is already deprecated.

The legacy security realms are now wrapped in Elytron components so the management interfaces use the Elytron implementation now and not the Undertow implementation.

So at this stage we only have two implementations actively in use but one of them is for legacy integration already deprecated to be removed at a future point.

> Remove DigestAuthenticationMechanism code duplication between Wildfly, Undertow and Elytron
> -------------------------------------------------------------------------------------------
>
>                 Key: WFLY-9607
>                 URL: https://issues.jboss.org/browse/WFLY-9607
>             Project: WildFly
>          Issue Type: Enhancement
>          Components: Security
>    Affects Versions: 11.0.0.Final
>            Reporter: Bartosz Spyrko-Śmietanko
>            Assignee: Darran Lofthouse
>
> Digest authentication mechanism is currently implemented in 3 places - in Wildfly undertow subsystem (legacy web authentication), Undertow itself (web console authentication) and Elytron (web authentication).
> Any issue found in one of those scenarios is likely to affect others requiring fixing multiple codebases - ideally there should be a single implementation.



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)