Les Hazlewood wrote:
I've given presentations on JSecurity and had many discussions in
private, and I always ask my audience: How many people have heard
of JAAS? Maybe 40-50% of the listeners affirm they have. Then I
ask, how many of you have used the JAAS API or its constructs
How does JSecurity relate to existing standards, e.g., JAAS, JACC,
WS-Security, etc.?
The only reference I found is a comment in the slide show saying Simplify
or replace JAAS. Well JAAS is the Java standard in this space, and part of
the Java core, so are we proposing a replacement or
Noel J. Bergman wrote:
I also see that JSecurity web support relies on a return to
application-level security based on a filter, rather than rely on container
management, which has evolved as a cornerstone of Java programming. The
reliance on a filter is probably because JSecurity is not (yet?)
Full JAAS integration is desired for the 1.0 final release to support
those who actually implement containers. JSecurity is usable in all
containers today, both web and non-web today, just not via JAAS yet.
The reason it is not in place now and hasn't been in 3 years is that
because the vast
Just a clarification:
JSecurity can be used in any environment - web or not, container or
not. The reason why the Filter approach is best known is that it is
the easiest to set up - Filters allow an 'interceptor' mechanism that
is common to any web container. When not using a Filter, you must
On Sun, Jun 8, 2008 at 12:16 PM, Les Hazlewood [EMAIL PROTECTED] wrote:
The reason it is not in place now and hasn't been in 3 years is that
because the vast majority of our community - application and framework
developers - could care less about JAAS - it is a cumbersome,
difficult to
Day after day, acres of pixels are needlessly harvested because of the
shear hubris in the decision to name this list general and not
gen.Our planet's oceans just cannot support this unbridled
consumption. Plus there's of all the megawatts expended just to even
render that extra eral.
Hi Alan,
On Jun 3, 2008, at 11:18 AM, Alan D. Cabrera wrote:
Kinda long, IMO.
If users had to type the alias, I'd agree that it's kinda long. But
when do you type email aliases any more?
Regards,
Craig
Regards,
Alan
On Jun 2, 2008, at 9:01 AM, Craig L Russell wrote:
One more nit
Kinda long, IMO.
Regards,
Alan
On Jun 2, 2008, at 9:01 AM, Craig L Russell wrote:
One more nit comment on the proposal.
The mailing lists proposed are prefixed with jsec, but the project
name and mailing lists on codehaus.org are jsecurity.
Shouldn't the aliases in Apache be
Sure, that sounds good to me. I'll update the proposal...
On Mon, Jun 2, 2008 at 12:01 PM, Craig L Russell [EMAIL PROTECTED]
wrote:
One more nit comment on the proposal.
The mailing lists proposed are prefixed with jsec, but the project name and
mailing lists on codehaus.org are jsecurity.
One more nit comment on the proposal.
The mailing lists proposed are prefixed with jsec, but the project
name and mailing lists on codehaus.org are jsecurity.
Shouldn't the aliases in Apache be jsecurity-xxx?
Craig
On May 30, 2008, at 8:45 AM, Alan D. Cabrera wrote:
On May 29, 2008, at
Les Hazlewood wrote:
Sure, that sounds good to me. I'll update the proposal...
Then maybe JSECURITY for Jira too might be good. Not sure... Depends if
we will have many sub-projects, which might be a good idea, regarding
the various funtionalities.
wdyt ?
--
--
cordialement, regards,
I prefer JSEC for Jira just because that is what we use now. It has grown
on me ;)
If any sub projects come , then JSECSUBA, JSECSUBB, JSECSUBC, etc feel a
little more digestible (at least in length) than JSECURITY-SUBA, etc.
Just my .02
On Mon, Jun 2, 2008 at 12:16 PM, Emmanuel Lecharny
Makes sense to me Les.
Alex
On Mon, Jun 2, 2008 at 12:29 PM, Les Hazlewood [EMAIL PROTECTED] wrote:
I prefer JSEC for Jira just because that is what we use now. It has grown
on me ;)
If any sub projects come , then JSECSUBA, JSECSUBB, JSECSUBC, etc feel a
little more digestible (at least
Les Hazlewood wrote:
I prefer JSEC for Jira just because that is what we use now. It has grown
on me ;)
If any sub projects come , then JSECSUBA, JSECSUBB, JSECSUBC, etc feel a
little more digestible (at least in length) than JSECURITY-SUBA, etc.
Yep. We have the same on Directory :
I usually like shorter code names for JIRA b/c it is easier to
type. For example, when looking up a specific issue number using
search or including in SVN comments during commit.
+1 for JSEC in JIRA
(although jsecurity makes sense for mailing lists)
On Jun 2, 2008, at 12:29 PM, Les
On Sat, May 31, 2008 at 7:27 PM, Craig L Russell [EMAIL PROTECTED] wrote:
IMHO, the decision on build tools belongs to the community.
I've signed on to mentor this project.
Maybe there is a fast track through the incubator, and this is a good
project to try it out. Can JSecurity get
On May 31, 2008, at 7:27 PM, Craig L Russell wrote:
I've signed on to mentor this project.
Great!
Maybe there is a fast track through the incubator, and this is a
good project to try it out. Can JSecurity get graduated in six months?
IIUC, all incubator projects are on the fast track.
On Jun 1, 2008, at 10:53 AM, Alan D. Cabrera wrote:
On May 31, 2008, at 7:27 PM, Craig L Russell wrote:
I've signed on to mentor this project.
Great!
Maybe there is a fast track through the incubator, and this is a
good project to try it out. Can JSecurity get graduated in six
months?
Hi Craig,
We're definitely happy to have you as a mentor. Thanks for joining in!
Have you joined the developer list? I have at least one question to ask you
thus far, but I don't want to hijack this thread.
Thanks!
Les
On Sun, Jun 1, 2008 at 2:52 PM, Craig L Russell [EMAIL PROTECTED]
wrote:
IMHO, the decision on build tools belongs to the community.
I've signed on to mentor this project.
Maybe there is a fast track through the incubator, and this is a
good project to try it out. Can JSecurity get graduated in six months?
Craig
On May 30, 2008, at 9:08 AM, Jeremy Haile wrote:
Hi,
On Wed, May 28, 2008 at 11:19 PM, Alan D. Cabrera [EMAIL PROTECTED] wrote:
...http://wiki.apache.org/incubator/JSecurityProposal...
Looks good to me, IMHO this is ready for a vote.
-Bertrand
-
To unsubscribe, e-mail:
Isn't there something that states that an incubating project needs to
be novel or provide something that's not already provided by another
library (with an open-source license)? I have looked at the JSecurity
proposal only briefly, but it seems to me that most of what it aims to
provide is
On Fri, May 30, 2008 at 8:04 AM, James Carman [EMAIL PROTECTED]
wrote:
Isn't there something that states that an incubating project needs to
be novel or provide something that's not already provided by another
library (with an open-source license)? I have looked at the JSecurity
proposal
The fact that JSecurity is container-agnostic is certainly a
differentiator. JSecurity aims to support security in any environment.
In fact, we have several users that are using JSecurity in non-web
environments, such as pure-service layers or even Swing applications.
JSecurity also aims to
On Fri, May 30, 2008 at 8:31 AM, Jeremy Haile [EMAIL PROTECTED] wrote:
Another differentiator is that JSecurity provides a session framework
that is not limited to being shared across just web-based applications.
We have users that share sessions across multiple environments, such as
Swing
The other thing about JSecurity's enterprise session support is that
it in many cases serves as a native basic Single Sign-On solution.
For example, the most common scenario that typically occurs is the
following (there are several current production environments that work
like this):
A session
If you're curious, the two classes end-users use the most are the
Subject (http://www.jsecurity.org/api/org/jsecurity/subject/Subject.html),
and the Session
(http://www.jsecurity.org/api/org/jsecurity/session/Session.html) -
acquired via subject.getSession();
Cheers,
Les
On Fri, May 30, 2008 at
I like this idea! We have an application that has a Swing client and
we talk to the server via Spring remoting. This shared session idea
sounds intriguing. I might have to look into switching to JSecurity!
:)
If you're interested in the Swing-web session interaction check out
our Spring
On May 30, 2008, at 5:27 AM, Alex Karasulu wrote:
On Fri, May 30, 2008 at 8:04 AM, James Carman [EMAIL PROTECTED]
wrote:
Isn't there something that states that an incubating project needs to
be novel or provide something that's not already provided by another
library (with an open-source
On May 29, 2008, at 11:32 PM, Bertrand Delacretaz wrote:
Hi,
On Wed, May 28, 2008 at 11:19 PM, Alan D. Cabrera [EMAIL PROTECTED]
wrote:
...http://wiki.apache.org/incubator/JSecurityProposal...
Looks good to me, IMHO this is ready for a vote.
Thanks. I'll let the weekend crowd peruse
On Fri, May 30, 2008 at 8:27 AM, Alex Karasulu [EMAIL PROTECTED] wrote:
There's no uniqueness requirement AFAIK. Any kind of project can be
proposed even if there already exist multiple implementations of a similar
technology here at the ASF and abroad.
Perhaps the uniqueness/novel
On Fri, May 30, 2008 at 11:47 AM, James Carman [EMAIL PROTECTED]
wrote
On Fri, May 30, 2008 at 8:27 AM, Alex Karasulu [EMAIL PROTECTED]
wrote:
There's no uniqueness requirement AFAIK. Any kind of project can be
proposed even if there already exist multiple implementations of a
similar
Alan D. Cabrera wrote:
On May 30, 2008, at 5:27 AM, Alex Karasulu wrote:
On Fri, May 30, 2008 at 8:04 AM, James Carman
[EMAIL PROTECTED]
wrote:
Isn't there something that states that an incubating project needs to
be novel or provide something that's not already provided by another
library
James Carman wrote:
On Fri, May 30, 2008 at 8:27 AM, Alex Karasulu [EMAIL PROTECTED] wrote:
There's no uniqueness requirement AFAIK. Any kind of project can be
proposed even if there already exist multiple implementations of a similar
technology here at the ASF and abroad.
Perhaps
On Fri, May 30, 2008 at 12:03 PM, Emmanuel Lecharny
[EMAIL PROTECTED] wrote:
Maven vs Ant vs Buildr ?
Who uses Ant or Buildr? ;)
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Ant+Ivy vs Maven =)
On May 30, 2008, at 12:06 PM, James Carman wrote:
On Fri, May 30, 2008 at 12:03 PM, Emmanuel Lecharny
[EMAIL PROTECTED] wrote:
Maven vs Ant vs Buildr ?
Who uses Ant or Buildr? ;)
-
To unsubscribe,
Relevant information can be found in:
http://wiki.apache.org/incubator/JSecurityProposal
Regards,
Alan
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
38 matches
Mail list logo