[prev in list] [next in list] [prev in thread] [next in thread] 

List:       httpclient-commons-dev
Subject:    Re: Bearer auth scheme support (RFC 6750)
From:       larry mccay <larry.mccay () gmail ! com>
Date:       2022-12-05 22:29:48
Message-ID: CACRbFyhAeEKgSwq+Y+dt8tWmsKz0ers--ROO2x7LTyCuCExbXA () mail ! gmail ! com
[Download RAW message or body]


On Mon, Dec 5, 2022 at 3:25 PM Michael Osipov <michaelo@apache.org> wrote:

> Am 2022-12-05 um 17:41 schrieb larry mccay:
> > Hi Oleg -
> >
> > Happy to see Bearer Tokens coming in as a first class auth scheme.
> >
> > Can you be a bit clearer on continued support for SPNEGO and KERBEROS
> going
> > forward for those still using them?
> > Disabling them by default means that we will need to explicitly enable
> them?
> > Deprecating them means that you plan to remove them completely?
>
> I would not recommend using them at all. They are poorly written and
> violate RFC 7546. To answer both of your questions: yes.
>
> Also, as I said before, I'd be willing to write a new integration as
> soon as I have a business need, for the past years I didn't need it. One
> of the reaons which held me off is that the Nexus developers didn't want
> to fix issues with me which would require to integrate it and others are
> that all SPNEGO-enabled services I provide are either accessed through
> SSPI or MIT Kerberos.
>
> Michael
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
> For additional commands, e-mail: dev-help@hc.apache.org
>
>


[prev in list] [next in list] [prev in thread] [next in thread]