[
http://jira.codehaus.org/browse/MRM-832?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=180876#action_180876
]
Justin Koke commented on MRM-832:
---------------------------------
I would also really like to add my voice to this issue.
Security is hard to get right, and it usually scares me when I find 'yet
another security framework'.
I didn't know about Redback until I found it in Archiva and I am astonished
that it was chosen as an option for this project.
I would highly recommend moving away from Redback and use Spring Security.
> Investigate future Security framework options
> ----------------------------------------------
>
> Key: MRM-832
> URL: http://jira.codehaus.org/browse/MRM-832
> Project: Archiva
> Issue Type: Task
> Components: Users/Security
> Affects Versions: 1.2
> Reporter: James William Dumay
> Fix For: 1.x
>
>
> This is just a stub ticket as we have been rumbling about replacing/improving
> our choice of security framework in 1.2
> Ideally it should be _very_ easy for administrators of Archiva to back auth
> onto a variety of systems - LDAP, Active Directory, Atlassian Crowd, OpenSSO,
> etc
> Possible frameworks:
> * Redback (Current, could do with some love) - http://redback.codehaus.org
> * Spring-Security (was ACEGI) -
> http://static.springframework.org/spring-security/site/
> * JSecurity (new Apache Incubator project) - http://www.jsecurity.org/
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
