Hi all, My interest in this is based on the observation that I can think of the following places where we do authorization in ESME:
1. General access (you must be logged in - stored in database, LDAP, or container, thanks to Vladimir) 2. Pools (pool membership stored in database (or LDAP?)) 3. API super-user (allowed to create user accounts - configured through property files) Each of these is handled in a different way with different types of checks. Our current system is not very complex, so I'm not sure if we would benefit from a framework like Shiro, but my thought was that it might push us towards a more consistent approach. That said, I don't see a pressing need for it at the moment, since things seem to be working OK. Just my 2 cents :-) Ethan On Sun, Sep 18, 2011 at 1:25 PM, Richard Hirsch <[email protected]> wrote: > Ethan found an interesting blog about Apache Shiro integration in Lift > (http://goo.gl/fb/3kLxZ) > > Apache Shiro is a Java security framework (formally known as > JSecurity) and it comes with a fairly abstract set of classes for > building systems that have the familiar users, roles and permissions > setup. There is an interesting write up here with further details: > http://shiro.apache.org/authentication-features.html > > Thanks to Vladimir we already have some implemented some features such > as LDAP and container-based authentication. Should we look at Shiro? > > Thoughts? > > D. >
