We want to start a vote JUST on reusing an existing security API (sounds like Shiro) for building a new API for IDM?
Just trying to understand exactly what people are asking the vote to be about. On Thu, Jul 26, 2012 at 10:32 AM, Gerhard Petracek < [email protected]> wrote: > +1 for a vote about the IDM part, but imo we need a clear majority to > continue or drop with it. > if we don't have a clear majority, we should discuss it again in detail > (independent of the result). > > regards, > gerhard > > > > 2012/7/26 Romain Manni-Bucau <[email protected]> > > > so it really seems a vote is needed no? > > > > - Romain > > > > > > 2012/7/26 Jason Porter <[email protected]> > > > > > I had suggested that awhile ago, but I don't think there was consensus. > > Or > > > maybe I just thought about it :) been awhile. > > > > > > Sent from my iPhone > > > > > > On Jul 26, 2012, at 9:22, Romain Manni-Bucau <[email protected]> > > > wrote: > > > > > > > hmm, not sure it answers the question. Shiro is an (fine IMO) API, DS > > > could > > > > use it as base instead of creating a new one in the Apache ecosystem. > > > > > > > > - Romain > > > > > > > > > > > > 2012/7/26 Anil Saldhana <[email protected]> > > > > > > > >> If Deltaspike desires to provide integration with shiro, make it as > an > > > >> independent sub module of security. Similar to the independence of > the > > > IDM > > > >> component. Security is too large to reside as a single module. > > > >> > > > >> On Jul 25, 2012, at 4:45 PM, Romain Manni-Bucau < > > [email protected]> > > > >> wrote: > > > >> > > > >>> +1 > > > >>> > > > >>> - Romain > > > >>> > > > >>> > > > >>> 2012/7/25 Gerhard Petracek <[email protected]> > > > >>> > > > >>>> hi @ all, > > > >>>> > > > >>>> if there are objections, we have to finish the discussion before > we > > > >>>> continue with it or we start a vote about it. > > > >>>> > > > >>>> regards, > > > >>>> gerhard > > > >>>> > > > >>>> > > > >>>> > > > >>>> 2012/7/12 Jean-Louis MONTEIRO <[email protected]> > > > >>>> > > > >>>>> Yes, fully agree. > > > >>>>> I don't see any good reason to create a new framework. > > > >>>>> > > > >>>>> Shiro, which is also in Apache is really great. > > > >>>>> They seem really interested in integrating CDI and they plan to > do > > > so. > > > >>>>> > > > >>>>> There is some interesting posts. > > > >>>>> > > > >>>>> > > > >>>> > > > >> > > > > > > http://shiro-developer.582600.n2.nabble.com/CDI-and-WSS4J-integration-tp7577503.html > > > >>>>> > > > >>>>> > > > >>>> > > > >> > > > > > > http://shiro-developer.582600.n2.nabble.com/Security-in-DeltaSpike-tp7577514.html > > > >>>>> > > > >>>>> Jean-Louis > > > >>>>> > > > >>>>> > > > >>>>> 2012/7/12 Mehdi Heidarzadeh <[email protected]> > > > >>>>> > > > >>>>>>> Rather than marry into one security framework (Shiro), > > Deltaspike > > > >>>>> should > > > >>>>>>> enable all security frameworks to provide integration. That > > > includes > > > >> a > > > >>>>> DS > > > >>>>>>> integration from Shiro. > > > >>>>>> +1 > > > >>>>>> > > > >>>>>>> Agree. If DS can provide a layer to support different existing > > > >>>> security > > > >>>>>>> frameworks (Shiro, Spring Security, ...) with perhaps JAAS > > modules > > > >>>>> (LDAP, > > > >>>>>>> JDBC, PropertiesFile, EncryptedPropertiesFile, ...) top of CDI, > > > that > > > >>>>>> should > > > >>>>>>> be fine > > > >>>>>> +1 > > > >>>>>> > > > >>>>>> With a good provided security integration api in DS, anyone > > > interested > > > >>>> in > > > >>>>>> any of those security frameworks will be able to use DS and that > > > >> sounds > > > >>>>>> very nice and elegant. > > > >>>>>> -- > > > >>>>>> Mehdi Heidarzadeh Ardalani > > > >>>>>> Independent JEE Consultant, Architect and Developer. > > > >>>>>> http://www.TheBigJavaBlog.com > > > >>>>>> > > > >>>>> > > > >>>> > > > >> > > > > > > -- Jason Porter http://lightguard-jp.blogspot.com http://twitter.com/lightguardjp Software Engineer Open Source Advocate Author of Seam Catch - Next Generation Java Exception Handling PGP key id: 926CCFF5 PGP key available at: keyserver.net, pgp.mit.edu
