I think it would be hard to say there's any "standard". GAE is effectively a web environment, which means you can do most "web" things with it.
The Spring guys have a blog post about setting up Spring Security: http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ I have a couple posts on it, the newest being: http://objectuser.wordpress.com/2009/10/24/more-on-spring-security-in-google-app-engine/ There's much more information on Spring Security than Shiro, in my experience. But, for me, it came down to the "weight" of the solution and its integration with Google Guice. YMMV. :) On Jun 19, 9:14 am, Dominik Karadeniz <[email protected]> wrote: > Thank you. I have never heard of Shiro before, but it seems to be exactly > what I need. > > Do you know whether Shiro is THE standard thing to use for GAE access > control. Are there alternatives that you know of? > > It is always very important to me to make sure a system is somewhat > "standardized" before I use it. > > Thanks. > > > > > > > > On Sun, Jun 19, 2011 at 2:57 PM, objectuser <[email protected]> wrote: > > I've never used Spring Security by itself. It used to be its own > > project, so it might not be too bad. As far as I know, there are > > still issues with using Spring in GAE, but maybe those have been > > solved, and they may not apply to using Spring Security by itself. > > > I'm currently using Apache Shiro. I've been meaning to blog about it, > > but alas. > > >http://shiro.apache.org/ > > > Shiro will do role based method-level verification, but also allow you > > to assign arbitrary permissions and assert those at any point. > > > On Jun 18, 6:55 pm, "Xel'Ra" <[email protected]> wrote: > > > Hi guys, > > > > I wanted to ask for a hint on some technologies I could use for what I > > > want to do with GAE. I am a bit overwhelmed by the huge amounts of > > > different and competing APIs and stuff that I am reading about. > > > > I want to do a web page with login. But not for everyone with a google > > > account. > > > I want users to create an account and save data. They shall be the > > > admins of their accounts and be able to create sub-users that can use > > > the app with the respective data. Also they need to be able to > > > restrict access to certain areas for their sub-users. > > > Also it should be possible to, at a later stage, implement a > > > subscription payment model and to check on which membership model they > > > are. According to that they will only be to e.g. create 3 sub-users > > > and save 1000 entries of a string per month. > > > > From what I've read on the web the technologies I would need for a > > > project like that are: > > > > GAE + GWT + Spring security. > > > > Is spring security really the right choice? Am I mistaken? Are there > > > other alternatives for handling user rights? > > > I would be very glad to be pointed in the right direction and > > > literature. I am kinda lost right now. > > > > Thank you in advance. > > > -- > > You received this message because you are subscribed to the Google Groups > > "Google App Engine for Java" group. > > To post to this group, send email to > > [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group at > >http://groups.google.com/group/google-appengine-java?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine for Java" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
