[jboss-jira] [JBoss JIRA] (WFCORE-2386) Legacy Kerberos in management, unable to configure fallback authentication.

Darran Lofthouse (JIRA) issues at jboss.org
Tue Mar 28 10:04:00 EDT 2017


     [ https://issues.jboss.org/browse/WFCORE-2386?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse updated WFCORE-2386:
-------------------------------------
    Fix Version/s: 3.0.0.Alpha24
                       (was: 3.0.0.Beta12)


> Legacy Kerberos in management, unable to configure fallback authentication.
> ---------------------------------------------------------------------------
>
>                 Key: WFCORE-2386
>                 URL: https://issues.jboss.org/browse/WFCORE-2386
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>            Reporter: Martin Choma
>            Assignee: Darran Lofthouse
>            Priority: Blocker
>              Labels: regression
>             Fix For: 3.0.0.Alpha24
>
>
> In EAP 7.0 it was possible to configure fallback (e.g. BASIC) authentication if the client does not support SPNEGO authentication. In EAP 7.1 this feature does not work anymore.
> In EAP 7.0 the server returns multiple challenges (Negotiate/Basic) and the client could choose which one it will use.
> {code:title=EAP 7.0}
> HTTP/1.1 401 Unauthorized
> Connection: keep-alive
> WWW-Authenticate: Negotiate
> WWW-Authenticate: Basic realm="FallBackKerberosRealm"
> X-Frame-Options: SAMEORIGIN
> Content-Length: 77
> Content-Type: text/html
> Date: Mon, 30 Jan 2017 11:02:45 GMT
> <html><head><title>Error</title></head><body>401 - Unauthorized</body></html>
> {code}
> In EAP 7.1 (with the same configuration) the server returns only one challenge, Negotiate, so a client not supporting SPNEGO can't fall back to Basic.
> {code:title=EAP 7.1}
> HTTP/1.1 401 Unauthorized
> Connection: keep-alive
> WWW-Authenticate: Negotiate
> X-Frame-Options: SAMEORIGIN
> Content-Length: 77
> Content-Type: text/html
> Date: Mon, 30 Jan 2017 11:01:28 GMT
> <html><head><title>Error</title></head><body>401 - Unauthorized</body></html>
> {code}



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
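
A regression check for the behaviour described in the quoted report, as an added example that is not part of the original message or of WildFly's code: it parses a raw 401 response, lists the schemes offered in `WWW-Authenticate`, and reports which expected schemes are missing. The sample responses are constructed from the headers quoted above, and the function names are hypothetical.

```python
import re

# Constructed samples: status line and WWW-Authenticate headers as quoted in the report.
EAP_70 = (
    "HTTP/1.1 401 Unauthorized\r\n"
    "Connection: keep-alive\r\n"
    "WWW-Authenticate: Negotiate\r\n"
    'WWW-Authenticate: Basic realm="FallBackKerberosRealm"\r\n'
    "Content-Length: 77\r\n\r\n"
)
EAP_71 = (
    "HTTP/1.1 401 Unauthorized\r\n"
    "Connection: keep-alive\r\n"
    "WWW-Authenticate: Negotiate\r\n"
    "Content-Length: 77\r\n\r\n"
)

# Comma split that leaves commas inside quoted strings alone.
_PIECE = re.compile(r'(?:[^,"]|"(?:\\.|[^"\\])*")+')
# "scheme" alone, or "scheme <token68 | first auth-param>"; rejects "name=value" pieces.
_SCHEME = re.compile(r"^([!#$%&'*+.^_`|~0-9A-Za-z-]+)(?:\s+[^\s=].*)?$")


def challenge_schemes(raw_response):
    """Return the auth schemes offered in a raw HTTP response, lower-cased, in order."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    schemes = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(":")
        if name.strip().lower() != "www-authenticate":
            continue
        # One header line may carry several challenges: 'Negotiate, Basic realm="x"'.
        for piece in _PIECE.findall(value):
            m = _SCHEME.match(piece.strip())
            if m:  # pieces such as 'charset="UTF-8"' are parameters, not schemes
                schemes.append(m.group(1).lower())
    return schemes


def missing_fallback(raw_response, required=("negotiate", "basic")):
    """Schemes from `required` that the 401 response does not offer."""
    offered = set(challenge_schemes(raw_response))
    return [s for s in required if s not in offered]
```
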

