[jira] [Commented] (HTTPCLIENT-1625) Completely overhaul GSS-API-based authentication backend

Tue, 11 Feb 2020 05:54:12 -0800 


    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-1625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17034457#comment-17034457
 ] 

Michael Osipov commented on HTTPCLIENT-1625:
--------------------------------------------

[~bedrin]

{quote}MITM shouldn't be an issue if used together with TLS, no?
{quote}
I hope so, I know that there are middleboxes trying to examine/break TLS 
traffic to scan it. But just because there is TLS doesn't make the bad/wrong 
behavior any better.

[~mkuespert]
{quote}Another thing: I've read a bit into RFC 7546 and saw this sentence 'This 
document brings all the requirements together into one place for the 
convenience of implementors'. Still I do not get the methods described there 
aligned with RFC 5653, 2743 and 4559. Is there a higher level 
overview/documentation available?{quote}

No, you have to go the hard way: READ. As sad as it sounds. That's the reason 
why 90% get it wrong.

As for the rest of the questions: I cannot go into detail because I am in a bad 
condition right now.

> Completely overhaul GSS-API-based authentication backend
> --------------------------------------------------------
>
>                 Key: HTTPCLIENT-1625
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1625
>             Project: HttpComponents HttpClient
>          Issue Type: Task
>          Components: Documentation, HttpClient (classic)
>    Affects Versions: 4.5
>            Reporter: Michael Osipov
>            Assignee: Michael Osipov
>            Priority: Major
>              Labels: stuck, volunteers-wanted
>             Fix For: Stuck
>
>
> The current implementation does not reflect the way GSS-API-based 
> authentication should be done. It has several design flaws.
> This is an umbrella task for:
> 1. Deprecate all old classes
> 2. Investigate how it has to be plugged into HttpClient
> 3. Reimplement from scratch
> 4. Thoroughly test all new stuff
> 5. Rewrite documentation
> Design notes are canonically available under: 
> https://wiki.apache.org/HttpComponents/IssueTracking/HTTPCLIENT-1625



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to