[jira] [Commented] (PROTON-1486) Proton(-J) provides no mechanism to get or set the additional-data field on sasl-outcome

Thu, 13 Jul 2017 07:39:12 -0700 

    [ 
https://issues.apache.org/jira/browse/PROTON-1486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16085775#comment-16085775
 ] 

ASF GitHub Bot commented on PROTON-1486:
----------------------------------------

GitHub user k-wall opened a pull request:

    https://github.com/apache/qpid-proton-j/pull/9

    PROTON-1486: Expose SaslOutcome additional-data to users of the API

    Based on original work by rgodfrey <[email protected]>
    
    Having reviewed the existing API, it seemed reusing the existing send/recv 
interface for the sending/receiving of additional-data was the most fitting.    
Supporting test cases added.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/k-wall/qpid-proton-j master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/qpid-proton-j/pull/9.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #9
    
----
commit 6789e558d92ed341d1655f59a8a4daddbf68dfb1
Author: Keith Wall <[email protected]>
Date:   2017-07-12T10:03:04Z

    PROTON-1486: Expose SaslOutcome additional-data to users of the API
    
    Based on original work by rgodfrey <[email protected]>

----


> Proton(-J) provides no mechanism to get or set the additional-data field on 
> sasl-outcome
> ----------------------------------------------------------------------------------------
>
>                 Key: PROTON-1486
>                 URL: https://issues.apache.org/jira/browse/PROTON-1486
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-j
>            Reporter: Rob Godfrey
>            Assignee: Keith Wall
>         Attachments: PROTON_1486.patch
>
>
> The Proton Engine API provides no mechanism for getting or setting the 
> additional-data field on sasl-outcome.
> Some SASL mechanisms (e.g. SCRAM-SHA-\*) send additional data along with the 
> outcome (in the case of SCRAM-SHA-\* the additional data is a proof that the 
> server is also aware of the credentials and is not simply just accepting any 
> credential data as part of some sort of attack).
> One approach for the API would be to expose the additional-data field using 
> the send/recv/pending methods used for exchanging the challenge/response in 
> the earlier phases of the sasl exchange.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to