[QPID-6965] Make preemptive HTTP authentication pluggable - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: qpid-java-6.0.1, qpid-java-6.1
Component/s: Broker-J
Labels:
None

Description

Currently the HTTP module includes the ability to support a preemptive Authorization: Basic-Auth <base64> authentication. (This is one where the client's request includes the Basic-Auth header providing correctly encoded credentials allowing the client's interaction with the Broker to be 'single-shot', without the need to separately authenticate a session). This is very useful when scripting with tools such as curl.

This ability should be generalised so that other types of preemptive authentication can be supported too. One example would be a OAUTH's bearer authorization header Authorization: Bearer <token. See https://tools.ietf.org/html/rfc6750#page-5.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

fix-compilation-issue-on-6-0-branch.diff
02/Feb/16 14:44
2 kB
Alex Rudyy

Activity

People

Assignee:: Keith Wall

Reporter:: Keith Wall

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 30/Dec/15 11:25

Updated:: 02/Oct/19 19:21

Resolved:: 01/Feb/16 15:44