users@javaee-security-spec.java.net

[javaee-security-spec users] [jsr375-experts] Re: Upcoming Renewal Ballot

From: Werner Keil <werner.keil_at_gmail.com>
Date: Tue, 22 Nov 2016 10:45:09 +0100

Hi,

It would of course be good to have that sooner, but if e.g. JAX-RS 2.1
(also facing Renewal Ballot now AFAIK) could leverage that now is hard to say.

Kind Regards,
Werner


On Tue, Nov 22, 2016 at 10:38 AM, arjan tijms <arjan.tijms_at_gmail.com> wrote:

> Hi,
>
> On Tue, Nov 22, 2016 at 12:44 AM, Werner Keil <werner.keil_at_gmail.com>
> wrote:
>
>> While OpenID Connect offers to add some optional metadata, a concept of
>> roles seems undefined right now, so we may not require it for certain use
>> cases, but others would certainly benefit from it.
>> JAX-RS has its own SecurityContext
>> https://jax-rs-spec.java.net/nonav/2.0/apidocs/javax/ws/rs/core/SecurityContext.html
>>
>
> Indeed, so as per the JIRA issue the first and foremost goal of the
> SecurityContext is essentially a cross-spec version of the JAX-RS
> SecurityContext.
>
> Basically if it has the isCallerInRole and getCallerPrincipal methods,
> it's 95% there.
>
> Those two methods are now found in more or less identical versions in 4
> different specs.
>
> Kind regards,
> Arjan Tijms
>
>
>
>> Looking at Spring Security, the SecurityContext interface there is
>> somewhat closer to the one in JSR 375 but it also has a getter for an
>> Authentication object.
>> In https://java.net/jira/browse/JAVAEE_SECURITY_SPEC-12 this could be
>> getCallerPrincipal(), getAuthMethod() or similar but they do not currently
>> exist in SecurityContext.
>>
>> Kind Regards,
>> Werner
>>
>>
>> On Mon, Nov 21, 2016 at 11:07 PM, Will Hopkins <will.hopkins_at_oracle.com>
>> wrote:
>>
>>> Experts,
>>>
>>> While I've received some input for the spec from Arjan (thanks!), and
>>> there may be some coming from Werner as well, I haven't been able to put
>>> the terminology section in place, and the content we have so far is, I
>>> think, too thin to release as an EDR.
>>>
>>> I therefore propose we move forward with the renewal ballot, indicating
>>> that the EDR is taking shape and expected to be released soon, and that the
>>> expert group is active and involved in producing the EDR, as well as the
>>> API and an associated RI. It's my understanding that there is unlikely to
>>> be a problem getting the renewal ballot approved.
>>>
>>> What say you all?
>>>
>>> Will
>>>
>>> --
>>> Will Hopkins | Platform Security Architect | +1.781.442.0310
>>> Oracle Cloud Application Foundation
>>> 35 Network Drive, Burlington, MA 01803
>>>
>>>