Hey All,
I was driving through JIRA and noticed JAVAEE_SECURITY_SPEC-12. I was wondering if we should not prioritize this one over others. Probably after we finish our Terminology epic.
IMO, this issue gathers an important point in respect to:
- Centralized interface for security-related information
- Removes redundancy and provides a more concise way to provide access to security related information
- Helps other specs to address security in a more similar fashion
And also looks like a core concept if we are going to take it forward.
I think this issue brings one of the main reasons that make people usually decide to use frameworks such as Shiro, Spring Security or PicketLink. I think all of them provide a similar concept.
Regards.
Pedro Igor