You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Keith Wall (JIRA)" <ji...@apache.org> on 2015/12/30 12:26:49 UTC

[jira] [Created] (QPID-6965) Make preemptive HTTP authentication pluggable

Keith Wall created QPID-6965:
--------------------------------

             Summary: Make preemptive HTTP authentication pluggable
                 Key: QPID-6965
                 URL: https://issues.apache.org/jira/browse/QPID-6965
             Project: Qpid
          Issue Type: Improvement
          Components: Java Broker
            Reporter: Keith Wall


Current the HTTP module includes the ability to support a preemptive {{Basic-Auth:}} authentication.   (This is one where the client's request includes the Basic-Auth header providing correctly encoded credentials allowing the client's interaction with the Broker to be 'single-shot', without the need to separately authenticate a session).  This is very useful when scripting with tools such as {{curl}}.

This ability should be generalised so that other types of preemptive authentication can be supported too.  One example would be a OAUTH's bearer authorization header [https://tools.ietf.org/html/rfc6750#page-5].






--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org