Hi everyone, I have been following this project since it was called JSecurity, Ki etc. I noticed that it has now cryptography features and I wonder if there's any plan to feature object serialisation security ( SignedObject, SealedObject, etc ). This has long been in the Java API ( i guess 1.4.2 ) and I think it's one of the very useful-underrated-missed java API that can be a good solution to many security scenarios like keeping the financial information in a database signed, sealed and serialised.
One can argue that this is beyond the scope of Shiro as it already provides the cryptography service to use for signing and sealing an object, but the important bit is the best practice in writing safe code : E.g : sign than seal, etc. Any thoughts on this ? Thanks very much, Best, Razvan
