[jboss-jira] [JBoss JIRA] (ELY-286) HTTP Digest Authentication
Jan Kalina (JIRA)
issues at jboss.org
Thu Jan 25 11:03:00 EST 2018
[ https://issues.jboss.org/browse/ELY-286?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13523970#comment-13523970 ]
Jan Kalina edited comment on ELY-286 at 1/25/18 11:02 AM:
----------------------------------------------------------
Missing feature to support RFC 7616:
* {{username*}} parameter (for sending encoded UTF-8 username)
* {{userhash}} parameter (sending hash of username instead of username) - MUST be implemented on client, SHOULD be implemented on server (but can be design problem to obtain identity from security realm by username hash)
was (Author: honza889):
Missing feature to support RFC 7616:
* support of {{username*}} parameter (for sending encoded UTF-8 username)
* {{userhash}} parameter (sending hash of username instead of username) - MUST be implemented on client, SHOULD be implemented on server (but can be design problem to obtain identity from security realm by username hash)
> HTTP Digest Authentication
> --------------------------
>
> Key: ELY-286
> URL: https://issues.jboss.org/browse/ELY-286
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: HTTP
> Reporter: Darran Lofthouse
> Fix For: 1.2.0.Beta14
>
>
> Original Digest RFC [https://tools.ietf.org/html/rfc2069]
> Current Digest RFC [https://tools.ietf.org/html/rfc2617]
> HTTP 1.1 Authentication (Updates RFC2617) [https://tools.ietf.org/html/rfc7235]
> Draft currently under discussion - [https://datatracker.ietf.org/doc/draft-ietf-httpauth-digest/]
> RFC7616 Now Proposed Standard
> "HTTP Digest Access Authentication", September 2015
> [https://www.rfc-editor.org/info/rfc7616]
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list