Hi all, In order to gather more information about which projects under the umbrella of the ASF uses Apache Shiro as an authentication, authorisation, etc. solution within their products, I have reached out to the Shiro community, as I couldn't easily distill that from their web pages.
I have also executing a search on one of the major search solutions to find out if 'org.apach.shiro' is referenced in some other products and projects. I hope to be able to present some results soon, to help this [subject] to move forward. Best regards, Pierre Smits ORRTIZ.COM <http://www.orrtiz.com> OFBiz based solutions & services OFBiz Extensions Marketplace http://oem.ofbizci.net/oci-2/ On Mon, Jun 27, 2016 at 7:34 PM, Roberta Marton <[email protected]> wrote: > Background: > > > > The code donated for Trafodion includes some basic support using OpenLDAP > to authentication users. As we go forward in Trafodion, we need to support > more authentication solutions such as Kerberos. This email asks for > feedback from the users group for possible solutions for a plug-n-play > solution. It was prompted from a conversation on a related topic from > Pierre regarding the JIRA TRAFODION-2059. > > > > Discuss: > > > > One idea is to support a central authentication infrastructure to replace > out current LDAP solution. Any consumer that requires authentication would > call a set of generalized APIs. Behind these API's would be the actual > authentication solutions. There would be API's in the client that would > generate and send information to the server such as encrypted passwords or > single sign-on details. There would be API's in the server to interpret > this information. When new authentication solutions are required, the new > solution would be plugged into the authentication infrastructure with > minimal changes to the consumers. > > > > Are there any authentication solutions that exist today that we could use > for our authentication code? > > For example, the product Apache Shiro provides a Java security framework > that performs authentication, among other things, using generic API's that > can be extended for different authentication solutions. > > > > Other suggestions for providing a distribution free solution to manage > authentication? > > > > Regards, > > Roberta > > >
