Forgot to state the obvious: If you're interested in help us shape the XWiki security APIs you're more than welcome :)
Thanks -Vincent On Sep 20, 2007, at 12:23 PM, Vincent Massol wrote: > > On Sep 20, 2007, at 12:11 PM, Bradley Beddoes wrote: > >> Hi Vincent, >> >> So I have had a look at the links provided below and while I don't >> know >> the Plexus framework very well I understand what its purpose is. >> >> Not to interfere in architecture decisions but Spring OSGi also looks >> quite nice in this space. Is Xwiki built around Spring?. > > No it's not built around Spring. > > The component manager used doesn't matter as this stage. What > matters is to have components and a component architecture, > components being plain POJOs. This is where our effort is. The > first implementation I've done is with Plexus which is hidden away > in a single location (in the xwiki-plexus/ build module) and there > isn't a single import of Plexus in any other place. > >> Vincent Massol wrote: >>> ... >>> >>> We're not using it. We haven't decided what we do. Is ESOE a >>> superset >>> of Acegi, are they competitors, etc. Do you know JGuard? Is it a >>> competitor to ESOE or are they in different domains? As you can see >>> this is not a domain I know well so if you're interested in bringing >>> your expertise to XWiki then that would be cool :) >> >> I think Acegi is going to play very nicely with what you guys are >> trying >> to do. I am going to embark on an Acegi -> ESOE integration over the >> next week or so which will mean that anything using Acegi will be >> right >> to go with ESOE. >> >> What Acegi will give you is really nice pluggable authentication, >> authorization and User management which will mean users wanting to do >> enterprise level SSO and authorization with ESOE will be able to >> do that >> but those wishing to just auth against ldap will also be able to >> do that. > > cool > >> So Acegi is basically an integrator at the application level. ESOE >> and >> its associated client side SPEP is a step above that, it does all the >> heavy SAML and XACML lifting, the SPEP will hook into Acegi (just >> like >> say LDAP could) and provide the source of authentication, identity >> and >> authorization that Acegi will rely on when the application calls it. > > ok, I understand. Sounds good then. > >> From the limited look I have had at JGuard it seems to play in the >> same >> space as Acegi. >> >> Hope this is of some help let me know what you think about Acegi, >> if you >> want to go with designing your own layer I'd need to probably see >> some >> discussion around that so I can give you feedback. > > We only want to have our own interfaces (as in Java Interfaces). > The implementation can be using Acegi and ESOE. > > Unfortunately nobody here is currently working on these interfaces > right now. In term of architecture improvements, the work in > progress currently are: > > * New Rendering/Parsing interfaces using WikiModel - Vincent (me) > * Velocity component - Vincent (me) > * New Notification/Observation component - Vincent (me) > * New Action component - Vincent (me) > * New URL management component - Vincent (me) > * New WYSIWYG editor architecture based on GWT and WikiModel - Marius > * New Rights Management UI - Thomas M > > You can see a summary of these and more on the design space of > xwiki.org (not yet fully up to date though): > * old location: http://www.xwiki.org/xwiki/bin/view/Idea/ (there > are still some proposals not moved to the new Design space in there > which is why I'm listing it here) > * new location: http://www.xwiki.org/xwiki/bin/view/Design/ > > Thanks > -Vincent > _______________________________________________ devs mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/devs
