[security-dev] Undertow / IdentityManager and Digest Authentication

Stuart Douglas sdouglas at redhat.com
Wed May 1 19:00:56 EDT 2013

Bill Burke wrote:

> It is just completely frustrating on my end because you keep saying you
> don't want to expose raw/secret credential values, and yet, you state
> things like you want to be able to register Handlers at the application
> level.  Once an application can register a Handler, what is stopping it
> from getting access to the raw/secret credential?  Nothing...  So,
> instead of writing simple code that queries for a secret then performs a
> hash, I have to go through the hoops of creating a handler and
> registering it.  Complexity for no gain...

I agree with Bill here. Either way user credentials are queryable. Its 
just that in the CredentialHandler method you first need to register a 
credential handler. If there is no security manager then all code is 
implicitly trusted, if there is a security manager you can apply the 
same permission checks to the method that returns the credential as you 
can to the addCredentialHandler method.

I just think that over time the CredentialHandler method will result in 
much more messy code, especially if you have to stick arbitrary state 
into the credential. This can open up situations where you end up with 
two different implementations of the same credential, as two different 
handlers need different state to be passed back to the caller.

I really think that the CredentialHandler method has the potential to 
turn into a mess.


More information about the security-dev mailing list