Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-14342

[EO12] Add information how and when to use SASL mechanisms

XMLWordPrintable

      Book: How to Configure Server Security
      Revision: 3054cc5
      Section: A.2.1. Support Level for SASL Authentication Mechanisms

      This issue follows up on original JBEAP-7694.

      Information how and when to use SASL mechanisms. Hopefully DEV team can provide these information. The form could be for instance a set of examples - e.g. (this are just few pieces based on testing):

      • when you want to authenticate with Kerberos, use one of GSSAPI, GS2-KRB5, GS2-KRB5-PLUS
      • for SSL/TLS client certificate authentication use EXTERNAL mechanism
      • when you need a password credentials propagation to be working on server, use PLAIN mechanism
      • for authentication without credentials use ANONYMOUS mechanism
      • when mechanism has its channel binding variant (-PLUS), use it always when the underlying connection is a SSL/TLS one

              lcosti.redhat Lucas Costi (Inactive)
              lcosti.redhat Lucas Costi (Inactive)
              Ondrej Lukas Ondrej Lukas (Inactive)
              Ondrej Lukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: