[
https://issues.apache.org/jira/browse/QPID-8178?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16460690#comment-16460690
]
Rob Godfrey commented on QPID-8178:
-----------------------------------
For this case, what would you expect the agreed SASL mechanism to be?
Logically it is really EXTERNAL - the authentication context is carried
external to the SASL exchange. An OAUTH2 provider which offers EXTERNAL should
therefore be looking for this token in the websocket transport rather than
inspecting any client supplied cert.
> [Broker-J] [Websocket] Support authentication from bearer token carried by
> authentication header
> ------------------------------------------------------------------------------------------------
>
> Key: QPID-8178
> URL: https://issues.apache.org/jira/browse/QPID-8178
> Project: Qpid
> Issue Type: Improvement
> Components: Broker-J
> Reporter: Keith Wall
> Priority: Minor
> Fix For: Future
>
>
> Broker-J's AMQP websocket support should be enhanced to accept a bearer token
> from the websocket transport. If present and the port is configured to use
> an authentication provider that supports the XOAUTH-2 mechanism, the token
> should be passed to the authentication provider so it can complete the
> authentication process.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
