[security-dev] Undertow / IdentityManager and Digest Authentication
sdouglas at redhat.com
Wed May 1 19:00:56 EDT 2013
Bill Burke wrote:
> It is just completely frustrating on my end because you keep saying you
> don't want to expose raw/secret credential values, and yet, you state
> things like you want to be able to register Handlers at the application
> level. Once an application can register a Handler, what is stopping it
> from getting access to the raw/secret credential? Nothing... So,
> instead of writing simple code that queries for a secret then performs a
> hash, I have to go through the hoops of creating a handler and
> registering it. Complexity for no gain...
I agree with Bill here. Either way user credentials are queryable. Its
just that in the CredentialHandler method you first need to register a
credential handler. If there is no security manager then all code is
implicitly trusted, if there is a security manager you can apply the
same permission checks to the method that returns the credential as you
can to the addCredentialHandler method.
I just think that over time the CredentialHandler method will result in
much more messy code, especially if you have to stick arbitrary state
into the credential. This can open up situations where you end up with
two different implementations of the same credential, as two different
handlers need different state to be passed back to the caller.
I really think that the CredentialHandler method has the potential to
turn into a mess.
More information about the security-dev