Details
-
Enhancement
-
Resolution: Duplicate
-
Minor
-
None
-
None
-
None
Description
'policy' is now an XML attribute on the SASL element
Old
<sasl server-name="myhotrodserver"
mechanisms="PLAIN DIGEST-MD5 GSSAPI EXTERNAL"
qop="auth">
<!-- Defines policies for SASL mechanisms. -->
<policy>
<no-active value="true" />
<no-anonymous value="true" />
<no-plain-text value="true" />
</policy>
</sasl>
New
<sasl server-name="myhotrodserver" mechanisms="PLAIN DIGEST-MD5 GSSAPI EXTERNAL" qop="auth" strength="high medium low" policy="forward-secrecy no-active no-anonymous no-dictionary no-plain-text pass-credentials">
Elytron SASL implementations of the mechs, and the absence of the property is identical to it being false
Each property's value is either "true" or "false". If a property is absent, then the resulting mechanism need not have that characteristic (that is, the value is effectively "false").
javax.security.sasl.policy.noanonymous
Specifies that the selected SASL mechanism must not accept anonymous logins.
the only mechs that support no-anonymous=false are EXTERNAL and ANONYMOUS
Attachments
Issue Links
- is incorporated by
-
-
- Closed
-