Hi, Apache 'Ki' has recently gone through a name change within the Apache Incubator - it is now called 'Apache Shiro'.
But our name instability aside ;), the project as a code base is pretty stable - the project is over 4 1/2 years old after all, with most of that time as a SourceForge project - we have only within the last year moved to the Apache Incubator. There are more than a few of us using it in production applications, quite a few of which service hundreds of thousands of users per day. Note that being in the Apache Incubator is _not_ a sign of instability. All projects must go through the Incubator as part of a clearing process, no matter if they're 10 years old or 1 month old. The project is not 1.0 as of yet because we were waiting to finalize our new name. Now that this has been done, I think we can aggressively move towards 1.0 again. This will be our first apache release under the org.apache.shiro.* package space. So, as to our feature set on the about pages, everything that is listed is implemented and functional. Annotation support is mostly container-specific, and we don't have Annotations for EJB3 containers working yet (just Spring environments). That would be on the list for 1.0. The only things that are not yet functional are those listed in Jira scheduled for the 1.0 release, which, again, we can now start attacking with vigor. Anyway, I hope that helps clarify the state of things. Feel free to ask more questions. I can say that, if you choose to use the project, you'll find that most users receive decent support on the mailing lists and usually find what they need. That you've already joined the list is more than half of the effort in getting support ;) Best, Les On Wed, Jun 10, 2009 at 3:24 PM, mad.rug <[email protected]> wrote: > > Hi > > I need a security framework for a web app I'm developing, and Apache Ki > sounded like a great solution for me. After a bit of research about Ki, a > few issues bother me, and I'd like to clarify them before choosing my > security framework. > > First, there is no Apache release yet, I've built from source, but I'm a > bit > afraid of stability of this code. I could use the last JSecurity release, > but that would force me to do some code refactoring when the Apache release > arrives. Is there any estimate for this release? Or should I use JSecurity > (better for production)? > > Second, Ki is not 1.0 yet. The project may be already perfectly functional > (it is long running anyway) as it is but I don't know if there are major > functionalities still not implemented, but taking a look at Jira, todo > includes 'Run as', Digest and some other. Reading the 'welcome' and > 'about', > the features I need were all addressed, but I'd like to know if they are > already implemented (in JSecurity 0.9 or current Apache snapshot): JDBC > authentication, fine grained authorization, roles, users, dynamically > added/updated roles/users/permissions, caching, heterogeneous client > session > access (web/ejb/applet), cryptography/hashes. Also little XML (annotation > config) use is nice. Are these features implemented and functional? > > Thanks for you attention, and hope I can start using Ki soon. > -- > View this message in context: > http://n2.nabble.com/Apache-release-and-features-tp3057821p3057821.html > Sent from the JSecurity User mailing list archive at Nabble.com. > >
