javaee-security-spec@javaee.groups.io | Build In Identity Stores - Credential Validation

Home Messages Hashtags

Topics

Date Date 1 - 5 of 5

Build In Identity Stores - Credential Validation

Darran Lofthouse #292 The build in default beans should mean some consistent implementations across different containers. On the two identity stores there doesn't seem to be any description as to how this validation will happen. Regards, Darran Lofthouse.
More All Messages By This Member
Will Hopkins #298 Do you think this needs to be described in detail? LDAP authentication, and validation of passwords stored in a DB, are fairly straightforward. On 07/07/2017 05:31 AM, Darran Lofthouse wrote: The build in default beans should mean some consistent implementations across different containers. On the two identity stores there doesn't seem to be any description as to how this validation will happen. Regards, Darran Lofthouse. -- Will Hopkins \| WebLogic Security Architect \| +1.781.442.0310 Oracle Application Development 35 Network Drive, Burlington, MA 01803
More All Messages By This Member
Darran Lofthouse #300 My assumption so far is the LDAP authentication will be achieved by attempting to connect to LDAP using the located DN and provided password. For database I assume it is a case of retrieving the password, apply the configured hash to the provided password and compare the two. If that is correct I don't think it needs to state much more than that really. toggle quoted messageShow quoted text On Fri, 7 Jul 2017 at 16:26 Will Hopkins <will.hopkins@...> wrote: Do you think this needs to be described in detail? LDAP authentication, and validation of passwords stored in a DB, are fairly straightforward. On 07/07/2017 05:31 AM, Darran Lofthouse wrote: The build in default beans should mean some consistent implementations across different containers. On the two identity stores there doesn't seem to be any description as to how this validation will happen. Regards, Darran Lofthouse. -- Will Hopkins \| WebLogic Security Architect \| +1.781.442.0310 Oracle Application Development 35 Network Drive, Burlington, MA 01803
More All Messages By This Member
Arjan Tijms #301 Indeed, that's what happens. When in doubt, vendors can additionally check the RI, although the spec should be clear enough of course.
More All Messages By This Member
Will Hopkins #309 That's the idea as I understand it. I can certainly add a few words to that effect. On 07/07/2017 11:30 AM, Darran Lofthouse wrote: My assumption so far is the LDAP authentication will be achieved by attempting to connect to LDAP using the located DN and provided password. For database I assume it is a case of retrieving the password, apply the configured hash to the provided password and compare the two. If that is correct I don't think it needs to state much more than that really. On Fri, 7 Jul 2017 at 16:26 Will Hopkins <will.hopkins@...> wrote: Do you think this needs to be described in detail? LDAP authentication, and validation of passwords stored in a DB, are fairly straightforward. On 07/07/2017 05:31 AM, Darran Lofthouse wrote: The build in default beans should mean some consistent implementations across different containers. On the two identity stores there doesn't seem to be any description as to how this validation will happen. Regards, Darran Lofthouse. -- Will Hopkins \| WebLogic Security Architect \| +1.781.442.0310 Oracle Application Development 35 Network Drive, Burlington, MA 01803 -- Will Hopkins \| WebLogic Security Architect \| +1.781.442.0310 Oracle Application Development 35 Network Drive, Burlington, MA 01803
More All Messages By This Member

1 - 5 of 5

1

Previous Topic Next Topic

Home Messages Hashtags About Features Pricing Updates Terms Help Twitter