Thanks for your response, Ron!
At present, EE 8 is scheduled for completion Q3 2016.
The JSR 375 EG had mentioned that there was some overlap between JSR 375
and JSR 351 wrt Identity Store API. My original intent was that JSR 375
would provide an app dev friendly simplified view of an Identity Store,
with the option to access the full JSR 351 API, if that backed the
simplified view. What is "simplified" is up for discussion.
It will, of course, be difficult to depend on JSR 351, if it is not
available ;)
At the very least, I do not think we want to specify anything that
conflicts with JSR 351.
Although the JSR 351 API is quite comprehensive, I wonder if a
"non-security expert" application developer coming from Apache Shiro or
Spring Security, would understand it. I wonder if there is some
opportunity for JSR 375 to simplify JSR 351.
Since JSR 351 would not be available by EE 8, I wonder if we should try
a more direct approach and define Identity Store access backed by
commonly used persistence mechanisms like file, DB, and LDAP.
Regards,
Alex
On 4/10/15 5:14 PM, Ron Monzillo wrote:
> On 4/9/15 7:37 PM, Alex Kosowski wrote:
>> Hi Prateek and Ron,
>>
>> Do you suspect JSR 351 will be completed in the EE 8 timeframe?
>>
>> Thanks,
>> Alex
> Hi Alex,
>
> I don't think I can commit to JSR 351 being completed in time for EE 8.
>
> I have committed to produce a revision to the early draft.. The
> revision will
> focus on filling in the security aspects of the api, simplifying
> attribute repository
> configuration/registration, and on simplifying repository development and
> integration by allowing for repositories that implement a subset of
> the specified
> query and update capabilities.
>
> BTW, what is the EE8 timeframe?
>
> Ron