Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-4133

[GSS](7.1.z) SPNEGO performance optimalization by avoiding one network roundtrip

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Obsolete
    • Major
    • None
    • None
    • Security
    • None

    Description

      Currently if
      1. Client sends mechanisms in these order "Kerberos V5 Legacy", "Kerberos V5" + valid kerberos ticket
      2. EAP server sends accept_incomplete (Continuation required) and forces usage of "Kerberos V5"
      3. Client sends again the ticket
      4. Server sends accept_complete

      I wonder is there a chance EAP server can omit one network roundtrip?

      1. Client sends mechanisms in these order "Kerberos V5 Legacy", "Kerberos V5" + valid kerberos ticket
      2. EAP server sends accept_complete based on that "Kerberos V5" is present and valid kerberos ticket is provided

      It could bring big performance gain, because one network client-server roundtrip could be saved.

      Attachments

        Issue Links

          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-3709 [EAP 7] Negotiation/UnderTow does not handle the "Continuation Required" situation correctly

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              dvilkola@redhat.com Diana Krepinska
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: