Hi,
On Sun, Mar 8, 2015 at 10:27 PM, David Blevins <dblevins_at_tomitribe.com> wrote:
> So consider this your great motivation to start pushing ideas to the list.
Great idea ;)
We have a number of issues already on the Security JSR JIRA, see
https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-13?jql=project%20%3D%20JAVAEE_SECURITY_SPEC%20AND%20resolution%20%3D%20Unresolved%20ORDER%20BY%20priority%20DESC%2C%20key%20DESC
Furthermore there's a good list on the JASPIC JIRA as well, see
https://java.net/jira/browse/JASPIC_SPEC-23?jql=project%20%3D%20JASPIC_SPEC%20AND%20resolution%20%3D%20Unresolved%20ORDER%20BY%20priority%20DESC%2C%20key%20DESC
One thing that's probably a no-brainer looking at all the replies so
far is having CDI available in auth modules. This seems to be
mentioned by almost everyone. A small logical step from there is
having a couple of authentication events be published (via CDI). This
was discussed a couple of times before on e.g. the EE mailing list and
seemed to be well supported (at least at the time).
See
https://java.net/jira/browse/JASPIC_SPEC-21 and
http://jdevelopment.nl/bridging-undertows-authentication-events-cdi
I'll be pushing separate threads for some of those ideas to the list
in the coming week, if that's okay with all of you here.
Kind regards,
Arjan Tijms
> I'll include everything I see in the next week for sure. After that I'll be traveling, so much slimmer odds of it getting in.
>
> If we opt for some kind of source control, I'd be happy to check it in and we can all use it and add to it.
>
> The more voices the better. I'd love to see a Java EE Security talk at every conference.
>
>
> --
> David Blevins
> http://twitter.com/dblevins
> http://www.tomitribe.com
> 310-633-3852
>