Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Adding Credential Types? 
Stephen, I am no expert, but I happen to have started working in this
area in the past couple of days.  Jetty's abstract Credential class does
not seem to be extensible, since it has knowledge of its concrete (and
nested) subtypes.
           
But I think the problem goes deeper than that.  You need cooperation
from the browser to extend credential types.  How will you achieve that?

As far as I know (not very) the last word on http authentication
standards is RFC2617, which specifies MD5.  I'd be happy to learn that
there is more flexibility here than I understand there to be.


On 11/04/2011 11:28 PM, Stephen G. Walizer wrote:
> I'd like to extend the authentication system in an embedded Jetty 7 to use a custom variant of JDBCLoginService so that it knows the password format without requiring the prefix:data format (for example md5:hash). I can see how I could build and set a new LoginService but how would I go about adding additional Credential types to be used? 
>
> Alternately I'd even settle for adding Credential types using the algorithm:data format for something more secure like SHA-512.
>
> Thanks!
> -----------------------------------------------------------
> - stephen.g.walizer - sgw@xxxxxxxxxxx
> -----------------------------------------------------------
>
>
>
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/jetty-users

Back to the top