security with shiro?

[Cristiano Gavião <cv...@gmail.com>]

Hi,

I start to play with isis with wicket today. Sounds very nice...

I have some doubts. Is apache shiro being used (or will if not yet) as 
the security manager?

could I use isis with wicket 1.5 now?

thanks

Cristiano

Re: security with shiro?

[Cristiano Gavião <cv...@gmail.com>]

Hi... thanks for the time to answer...

Yep.. I've found the docs ... and now I need to find more time to read 
and play with it :-)

I asked about Shiro because we already did some integration between 
Wicket 1.5, Shiro and LDAP (we are building a pilot project as 
ProveOfConcepts).

Well, Wicket 1.5-RC1 is already released... We are betting that won't 
take much longer for a next stable release.

Looking the Isis site, initially I was thinking in use it to develop 
some modules containing the CRUD like use cases.
Humm.. wicket 1.5 is a requirement for us, but the doubts right now is 
on how would we integrate those CRUD modules( sessions too!) with the 
modules created using native wicket 1.5 and Shiro...

I will investigate a little more the refered Isis pluggable security 
mechanism...

thanks

Cristiano

On 12/02/11 13:43, Dan Haywood wrote:
> Hi Cristiano,
>
> Welcome to our mailing list, and thanks for trying out Isis.

>
>
> On 12/02/2011 14:24, Cristiano Gavião wrote:
>> I start to play with isis with wicket today. Sounds very nice...
> Yes, it is!  As I'm sure you've already found, the documentation for 
> the Wicket Viewer is on our website [1] (including how to customize 
> the UI).
>

>> I have some doubts. Is apache shiro being used (or will if not yet) 
>> as the security manager?
> Isis has a pluggable security mechanism that is used for both 
> authentication and authorization [2].  So it would certainly be 
> possible to use a different security mechanism.
>

>>
>> could I use isis with wicket 1.5 now?
>>
> The Isis Wicket viewer currently runs against Wicket 1.4.12.  So I 
> guess the short answer is no (though I also note that Wicket 1.5 is 
> not out yet, and I wouldn't want to create a dependency on an 
> unreleased version with good reason).

>
> Still, if you would like to raise a ticket on JIRA [3] for this, then 
> at least the need to do an upgrade at some  point won't get forgotten.
>
>> thanks
> Cheers,
> Dan
>
>
> [1] http://incubator.apache.org/isis/viewer/wicket/index.html
> [2] http://incubator.apache.org/isis/defaults/security/index.html
> [3] https://issues.apache.org/jira/browse/ISIS
>

Re: security with shiro?

[Dan Haywood <dk...@gmail.com>]

Hi Cristiano,

Welcome to our mailing list, and thanks for trying out Isis.


On 12/02/2011 14:24, Cristiano Gavião wrote:
> I start to play with isis with wicket today. Sounds very nice...
Yes, it is!  As I'm sure you've already found, the documentation for the 
Wicket Viewer is on our website [1] (including how to customize the UI).


>
> I have some doubts. Is apache shiro being used (or will if not yet) as 
> the security manager?
Isis has a pluggable security mechanism that is used for both 
authentication and authorization [2].  So it would certainly be possible 
to use a different security mechanism.


>
> could I use isis with wicket 1.5 now?
>
The Isis Wicket viewer currently runs against Wicket 1.4.12.  So I guess 
the short answer is no (though I also note that Wicket 1.5 is not out 
yet, and I wouldn't want to create a dependency on an unreleased version 
with good reason).

Still, if you would like to raise a ticket on JIRA [3] for this, then at 
least the need to do an upgrade at some  point won't get forgotten.

> thanks
Cheers,
Dan


[1] http://incubator.apache.org/isis/viewer/wicket/index.html
[2] http://incubator.apache.org/isis/defaults/security/index.html
[3] https://issues.apache.org/jira/browse/ISIS