Am 2022-12-05 um 17:41 schrieb larry mccay:
Hi Oleg -
Happy to see Bearer Tokens coming in as a first class auth scheme.
Can you be a bit clearer on continued support for SPNEGO and KERBEROS going
forward for those still using them?
Disabling them by default means that we will need to explicitly enable them?
Deprecating them means that you plan to remove them completely?
I would not recommend using them at all. They are poorly written and
violate RFC 7546. To answer both of your questions: yes.
Also, as I said before, I'd be willing to write a new integration as
soon as I have a business need, for the past years I didn't need it. One
of the reaons which held me off is that the Nexus developers didn't want
to fix issues with me which would require to integrate it and others are
that all SPNEGO-enabled services I provide are either accessed through
SSPI or MIT Kerberos.
Michael
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
