[jboss-jira] [JBoss JIRA] (ELY-251) More certain credential based mechanism selection.
Jan Kalina (JIRA)
issues at jboss.org
Fri Dec 15 09:51:00 EST 2017
[ https://issues.jboss.org/browse/ELY-251?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13506251#comment-13506251 ]
Jan Kalina commented on ELY-251:
--------------------------------
Are we able to determine if the mechanism is supported before it is used? Currently we are able to determine if we have appropriate credential in realm only after user provides identity name, which requires to mechanism be already used to communicated this...
> More certain credential based mechanism selection.
> --------------------------------------------------
>
> Key: ELY-251
> URL: https://issues.jboss.org/browse/ELY-251
> Project: WildFly Elytron
> Issue Type: Task
> Components: SASL
> Reporter: Darran Lofthouse
> Fix For: 1.2.0.Beta12
>
>
> When filtering authentication mechanisms we need to really be able to offer two modes: -
> 1 - Only offer a mech if we are sure it is supported.
> Risks only offering a weaker mechanism in a mixed domain but also eliminates mechanisms that could fail for a valid user that just happens to have a different credential type.
> 2- More general support.
> i.e. offer the mechs that may be supported.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list