Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-175

SASL mechanism availability should take into account credential support.

    Details

    • Type: Feature Request
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 1.0.0.Alpha3
    • Component/s: SASL
    • Labels:
      None

      Description

      One of the main reasons for having a getCredentialSupport API is so that we select appropriate authentication mechanisms based on the credentials available to us or the level of validation possible.

      This should also consider advertising all variants of a mechanism or strongest only.

      I will mention it here but we may want as a separate task some form of downgrade detection as this could be a sign of a malicious MITM.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                dmlloyd David Lloyd
                Reporter:
                dlofthouse Darran Lofthouse
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: