Re: JASPIC thoughts and a proposed way forward

2015-12-04 Thread Rémy Maucherat
2015-12-04 14:50 GMT+01:00 Mark Thomas :
> On 04/12/2015 12:29, Rémy Maucherat wrote:
> > 2015-12-04 12:42 GMT+01:00 Mark Thomas :
>
> >> The DIGEST module does not disable the default
> >> caching of the authenticated Principal in the session which renders the
> >> security benefits of digest ove

Re: JASPIC thoughts and a proposed way forward

2015-12-04 Thread Mark Thomas
On 04/12/2015 12:29, Rémy Maucherat wrote:
> 2015-12-04 12:42 GMT+01:00 Mark Thomas :
>> The DIGEST module does not disable the default
>> caching of the authenticated Principal in the session which renders the
>> security benefits of digest over http largely useless.
>
> Apologies for missing it

Re: JASPIC thoughts and a proposed way forward

2015-12-04 Thread Rémy Maucherat
2015-12-04 12:42 GMT+01:00 Mark Thomas :
> I've been spending some time looking at the JASPIC implementation that
> was started as part of GSoC.
>
> To recap the history to save folks digging through the archives:
>
> - JASPIC provides a standard API for pluggable authentication modules
>
> - The