You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2015/12/31 00:01:49 UTC
[jira] [Commented] (QPID-6965) Make preemptive HTTP authentication
pluggable
[ https://issues.apache.org/jira/browse/QPID-6965?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15075497#comment-15075497 ]
ASF subversion and git services commented on QPID-6965:
-------------------------------------------------------
Commit 1722416 from [~godfrer] in branch 'java/trunk'
[ https://svn.apache.org/r1722416 ]
QPID-6965 : Make preemptive HTTP authentication pluggable
> Make preemptive HTTP authentication pluggable
> ---------------------------------------------
>
> Key: QPID-6965
> URL: https://issues.apache.org/jira/browse/QPID-6965
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Keith Wall
>
> Currently the HTTP module includes the ability to support a preemptive {{Authorization: Basic-Auth <base64>}} authentication. (This is one where the client's request includes the Basic-Auth header providing correctly encoded credentials allowing the client's interaction with the Broker to be 'single-shot', without the need to separately authenticate a session). This is very useful when scripting with tools such as {{curl}}.
> This ability should be generalised so that other types of preemptive authentication can be supported too. One example would be a OAUTH's bearer authorization header {{Authorization: Bearer <token}}. See [https://tools.ietf.org/html/rfc6750#page-5].
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org