Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 7.1.0.CR4
Affects Version/s: None
Component/s: Security
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA

SFDC Cases Counter:
SFDC Cases Links:

The results in every single request being retried. This has two negative impacts. The extra request adds a round trip which hurts response time on high latency connections. Additionally large posts have double the bandwidth consumption and can be interpreted as failures. For example a 300 mb upload in the console would likely lead to the user assuming a hang.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

digestApp.war
2017/10/13 9:43 AM
4 kB
Jan Stourac
exampleAuth.pcapng
2017/10/13 9:43 AM
14 kB
Jan Stourac
roles.properties
2017/10/13 9:43 AM
0.1 kB
Jan Stourac
standalone.xml
2017/10/13 9:43 AM
18 kB
Jan Stourac
users.properties
2017/10/13 9:43 AM
0.1 kB
Jan Stourac

clones

ELY-1375 Digest auth uses single use nonces with no Authentication-Info header

Resolved

is cloned by

ELY-1410 Digest auth does not support nonce count, causing browsers to replay every request

Resolved

is incorporated by

JBEAP-13548 Upgrade WildFly Elytron to 1.1.6.Final

Verified

JBEAP-13226 Upgrade WildFly Elytron to 1.1.3.Final

Verified

is related to

JBEAP-13601 Updated digest-auth test for JBEAP-13298 - reusing nonces

Verified

relates to

ELY-1410 Digest auth does not support nonce count, causing browsers to replay every request

Resolved

(1 relates to)

Assignee:: Darran Lofthouse

Reporter:: Stuart Douglas

Tester:: Jan Stourac

QA Contact:: Jan Stourac

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2017/10/01 5:58 AM

Updated:: 2021/10/24 5:42 AM

Resolved:: 2017/10/20 11:13 PM

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates