[GitHub] [tomcat] michael-o commented on pull request #444: Delegate check for preemptive authentication from AuthenticatorBase to affected Authenticators
michael-o commented on pull request #444: URL: https://github.com/apache/tomcat/pull/444#issuecomment-900359300 > > > Preemptive authentication for TLS needs to be retained. There are a few edge cases where it still has an effect. For example when `certificateVerification="optional"` is used. Can you explain how? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o commented on pull request #444: Delegate check for preemptive authentication from AuthenticatorBase to affected Authenticators
michael-o commented on pull request #444: URL: https://github.com/apache/tomcat/pull/444#issuecomment-897565545 This needs to analyzed whether the tests are invalid or not. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o commented on pull request #444: Delegate check for preemptive authentication from AuthenticatorBase to affected Authenticators
michael-o commented on pull request #444: URL: https://github.com/apache/tomcat/pull/444#issuecomment-897500252 > > > That's a good point IMHO. Now that the check is in the individual `Authenticator`s it can easily be made more specific. I'm not too familiar with Digest and SPNEGO but I'll try. With SPNEGO is like with Basic: Base64 token. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o commented on pull request #444: Delegate check for preemptive authentication from AuthenticatorBase to affected Authenticators
michael-o commented on pull request #444: URL: https://github.com/apache/tomcat/pull/444#issuecomment-897492778 One more nit: I think the check in the header-based authenticators is too generic. Shouldn't they check for a value for their auth scheme only? Basic for `Basic `, etc.? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
