You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomee.apache.org by exabrial12 <ex...@gmail.com> on 2021/02/25 15:08:51 UTC

JavaEE8 Security API - JSR375 question

So we're greenfielding a new project. We're looking at using JSR375 as it
contains some great APIs.


One thing I really like about the way TomEE works is keeping configuration
in the environment. For instance, it's really handy to use tomcat-users.xml
locally, then when the code is deployed, it automatically uses LDAP. This is
merely a config change on the server, rather than having to recompile the
WAR.


Any idea how we could accomplish this using JSR375? I was curious if we
could/should implement a custom identity store that directly integrates with
the tomcat realm. 

Thanks as always, TomEE continues to be the best platform to build apps on
(not at all biased haha).

cheers,
-Jonathan



--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: JavaEE8 Security API - JSR375 question

Posted by Jean-Louis Monteiro <jl...@tomitribe.com>.

Hey Jonathan,

The implementation in TomEE is fairly complete even though not tested aside
from TCK which are looking really good.
That is an improvement to do.

We have a couple of built-in identity
https://github.com/apache/tomee/tree/master/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore

JDBC and LDAP are there. You can implement your own and plug that in.
I made it such as the default is using tomcat-users.xml


So out of the box your use case should be covered unless I miss something.

Hope it helps


--
Jean-Louis Monteiro
http://twitter.com/jlouismonteiro
http://www.tomitribe.com


On Thu, Feb 25, 2021 at 4:09 PM exabrial12 <ex...@gmail.com> wrote:

> So we're greenfielding a new project. We're looking at using JSR375 as it
> contains some great APIs.
>
>
> One thing I really like about the way TomEE works is keeping configuration
> in the environment. For instance, it's really handy to use tomcat-users.xml
> locally, then when the code is deployed, it automatically uses LDAP. This
> is
> merely a config change on the server, rather than having to recompile the
> WAR.
>
>
> Any idea how we could accomplish this using JSR375? I was curious if we
> could/should implement a custom identity store that directly integrates
> with
> the tomcat realm.
>
> Thanks as always, TomEE continues to be the best platform to build apps on
> (not at all biased haha).
>
> cheers,
> -Jonathan
>
>
>
> --
> Sent from:
> http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html
>