[jboss-jira] [JBoss JIRA] (ELY-1466) Add configuration option to BASIC mechanism to switch off challenging
Ray Ramos (JIRA)
issues at jboss.org
Wed Dec 13 16:07:00 EST 2017
[ https://issues.jboss.org/browse/ELY-1466?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13505258#comment-13505258 ]
Ray Ramos commented on ELY-1466:
--------------------------------
The business requirement would be, "As an application developer, I need multiple authentication and authorizations methods configured for the same application, in order to support both human and machine consumption."
For humans, HTML, CSS, JSP, JSF, etc would be secured using FORM authentication and probably some type of SSO like LDAP or SAML.
And in the same application, a JAX-RS, JAX-WS, and possibly bare Servlet, would be configured for consumption by a machine. This could simply be HTTP BASIC or also LDAP or SAML.
The point is, one application, multiple clients.
> Add configuration option to BASIC mechanism to switch off challenging
> ---------------------------------------------------------------------
>
> Key: ELY-1466
> URL: https://issues.jboss.org/browse/ELY-1466
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: HTTP
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.2.0.Beta11
>
>
> This may be desirable where paired with FORM auth so users can use FORM auth and other clients use BASIC.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list