[
https://issues.apache.org/jira/browse/CXF-4425?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13415167#comment-13415167
]
Sergey Beryozkin commented on CXF-4425:
---------------------------------------
Right, so the issue is about nonces being not validated. This is not something
CXF will do by default but I'll check if the default validator can be
configured to validate them, and possibly reintroduce OAuth validator interface
for users to customize the validation process which was originally available in
the oauth 10 contribution
> [OAuth] enable to send multiple requests with the same header
> -------------------------------------------------------------
>
> Key: CXF-4425
> URL: https://issues.apache.org/jira/browse/CXF-4425
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
> Affects Versions: 2.6.1
> Reporter: Evgeni Kisel
>
> It's possible to send multiple request with the same header. Actually it's a
> security violation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
