Hi there,
as integration i meant making those two (restlet + jsecurity) to play
together. But in fact, we are using out-of-the-box (slightly
nexus-ified) JSecurity Servlet filters, thus our Restlet Application
is completely unaware of being protected (unless resources where we
use it explicitly).
The integration is more Plexus + JSecurity way, and also we
integrated Plexus + Restlet, thus all major stuff is simply a Plexus
Component (something like spring managed bean).
All our related code is in our Spice OSS SVN (that makes our life spicey):
http://svn.sonatype.org/spice/trunk/
In short:
plexus-restlet-bridge -- is the restlet + plexus integration
plexus-jsecurity-realms -- are various JSecurity Realm implementations
(allowing us to do a lot of magic, ie. using LDAP for auth/authz and
if failing, falling back to local XML for example, it is great for
transitions)
JSecurity is very flexible piece of software, and almost all you have
to do is implement a Realm to hook it in into whatever you want. It is
not an aggressive library, that is clearly proved by Nexus already:
you can simply envelope a web application (in this case a Restlet
Application that is run in ServletServer) into JSecurity with their
SerlvetFilters almost without any changes (the simplest/static
solution would need some web.xml tweaking and that's all!).
You can grep some info from here too:
https://docs.sonatype.com/display/NX/Nexus+Security+FAQ
Hope helps,
~t~
On Sat, Nov 15, 2008 at 8:46 AM, Jeff Ramsdale [EMAIL PROTECTED] wrote:
Tamás Cservenák wrote:
Hi all,
JSecurity is a really cool piece of software, and is really easy to
integrate with restlet. In Nexus, we have it integrated pretty easily.
Is that code you can donate back or a pattern you can divulge? A blog post
maybe?
~t~
Thanks,
-jeff
--
Thanks,
~t~
