[jira] Commented: (MRM-832) Investigate future Security framework options

["Emmanuel Venisse (JIRA)" <ji...@codehaus.org>]

    [ http://jira.codehaus.org/browse/MRM-832?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=138133#action_138133 ] 

Emmanuel Venisse commented on MRM-832:
--------------------------------------

LDAP support is very good now in Redback.
Maybe I'm wrong but I think AD connection is a standard LDAP connection.

Spring-security is the most powerful framework, it is alone to support LDAP, AD, Crowd, JOSSO (I don't think OpenSSO) and more (http://static.springframework.org/spring-security/site/reference/html/introduction.html)

As we already use Spring, I think spring-security would be the best option for users.

> Investigate future Security framework options 
> ----------------------------------------------
>
>                 Key: MRM-832
>                 URL: http://jira.codehaus.org/browse/MRM-832
>             Project: Archiva
>          Issue Type: Task
>          Components: Users/Security
>    Affects Versions: 1.2
>            Reporter: James William Dumay
>             Fix For: 1.2
>
>
> This is just a stub ticket as we have been rumbling about replacing/improving our choice of security framework in 1.2
> Ideally it should be _very_ easy for administrators of Archiva to back auth onto a variety of systems - LDAP, Active Directory, Atlassian Crowd, OpenSSO, etc 
> Possible frameworks:
> * Redback (Current, could do with some love) - http://redback.codehaus.org
> * Spring-Security  (was ACEGI) - http://static.springframework.org/spring-security/site/
> * JSecurity (new Apache Incubator project) - http://www.jsecurity.org/

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira