David, 2 cents, how would one secure Geronimo in an enterprise scenario (say LDAP servers) would help the admin guys I think.
-- dims

On Fri, Oct 24, 2008 at 7:07 PM, David Jencks <[EMAIL PROTECTED]> wrote:
> Geronimo Security, now and coming soon
>
> Security can be divided into negotiation for credentials, credential
> validation, and authorization.
>
> First we'll look at setting up and swapping credential validation in
> Geronimo, a simple process everyone has to do to secure an application.
>
> Then we'll look at the JACC authorization framework where the security
> constraints in the javaee deployment descriptors and annotations are
> translated into java permissions and used, together with a principal-role
> mapping, to authorize requests at runtime. If time allows we'll look at
> swapping JACC implementations. We'll look at extending the JACC concepts to
> other authorization decisions such as in portal frameworks.
>
> Finally we'll look at the upcoming JASPI support that allows pluggable
> negotiation for credentials and see how it can be used to plug openid
> authentication into a web app to replace basic or form based authentication.
>
>
> ------------
> I haven't written this yet so having lots of time to work on it would be
> great and any suggestions for improvement would be appreciated.
>
> thanks
> david jencks
>
> On Oct 23, 2008, at 9:46 AM, William A. Rowe, Jr. wrote:
>
>> Hello Experts,
>>
>> the AC/US planning team has a 1hr gap in the program, of the "Security"
>> topic track 1 on Thursday 6 November.
>>
>> http://us.apachecon.com/c/acus2008/schedule/2008/11/06
>>
>> Please get back to me ASAP if you have (or would like to create) a session
>> that hits one or more of the bullets below;
>>
>> * security related
>>
>> * ideally of some interest to admins, perhaps of interest to devs
>>
>> * ideally related to some aspect of securing systems or apps with
>> consideration of client vulnerabilities
>>
>> I'd appreciate any suggestions by Sat a.m., so whoever offers
>> to pick this up has a solid week+ to prepare. Certainly by Mon a.m.
>> please? Remember all the usual speaker benefits apply, including
>> registration, and some flight and lodging costs.
>>
>> Bill
>>
>
>

--
Davanum Srinivas :: http://davanum.wordpress.com
