nicolas de loof wrote:
"Integrate RedBack / Spring into Archiva."
What is the advantage of redback compared to spring-security (aka "acegi") ?
spring-security allready supports role-based secutiry, DB user store and
"remember me".
Nico.
Redback is an RBAC implementation.
RBAC at NIST - http://csrc.nist.gov/groups/SNS/rbac/
RBAC FAQ - http://csrc.nist.gov/groups/SNS/rbac/faq.html
RBAC on Wikipedia - http://en.wikipedia.org/wiki/RBAC
Spring and Acegi do not have an RBAC implementation.
The Redback <--> Spring integration is likely to take the form of
another acegi authorization provider, but it's still a little early yet
to speculate on how this will occur.
A more general question would be ... do we need RBAC for Archiva? or
can we get away with standard JAAS Roles?
- Joakim
