You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@deltaspike.apache.org by "Gerhard Petracek (JIRA)" <ji...@apache.org> on 2012/07/30 00:16:34 UTC

[jira] [Resolved] (DELTASPIKE-62) Discuss security module

     [ https://issues.apache.org/jira/browse/DELTASPIKE-62?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gerhard Petracek resolved DELTASPIKE-62.
----------------------------------------

    Resolution: Fixed

we agreed on keeping the authorization api and remove the rest for now - later on we might add a very simple authentication module (api, jsf component/s,...). we will create new jira tickets for such a module as soon as we start with it. (details are available at http://s.apache.org/w1)
                
> Discuss security module
> -----------------------
>
>                 Key: DELTASPIKE-62
>                 URL: https://issues.apache.org/jira/browse/DELTASPIKE-62
>             Project: DeltaSpike
>          Issue Type: Sub-task
>          Components: Security-Module
>    Affects Versions: 0.1-incubating
>            Reporter: Dan Allen
>            Assignee: Shane Bryzak
>             Fix For: 0.3-incubating
>
>
> Application security can be extremely confusing and frustrating, especially for Java EE developers. Yet, it's an absolute requirement for nearly every application. An integration with a strong security framework is desperately needed. DeltaSpike could offer a module that makes security very approachable and integrate well with CDI and other Java EE technologies.
> Apache Shiro [1] appears to be an ideal candidate. The goals for the project seem to align perfectly with this need, as Les explains in this article [2]. Apache Shiro has many things going for it that make it a good match for DeltaSpike:
> * a top level Apache project 
> * actively developed 
> * mature (nearly a decade)
> * pluggable & extensible (the key for CDI integration)
> * works in web, ejb *and* java se environments
> * supports all aspects of security (authentication, authorization, permissions, certificates, ciphers)
> * easy to use
> * subjective bonus: has a cool name and logo
> It seems like Shiro could really use some CDI integration to make it even simpler. (Several integrations have already been explored [3]). We can start with some producers and then build on the declarative functionality that has previously been explored in Seam. 
> [1] http://shiro.apache.org/index.html
> [2] http://www.infoq.com/articles/apache-shiro
> [3] http://shiro.apache.org/integration.html

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira