users@javaee-security-spec.java.net

[javaee-security-spec users] [jsr375-experts] Re: Events for login/logout

From: arjan tijms <arjan.tijms_at_gmail.com>
Date: Fri, 31 Mar 2017 21:24:43 +0200

Hi,

The JACC and JASPIC repos are basically GlassFish, right? Especially JASPIC
is a little hard to implement as a RI, since it more or less tells a
Servlet container or EJB container (for SOAP) what to do.

But GlassFish still isn't officially on GitHub, is it?

Kind regards,
Arjan Tijms


On Fri, Mar 31, 2017 at 9:01 PM, Will Hopkins <will.hopkins_at_oracle.com>
wrote:

> My understanding is the jacc and jaspic repos are currently on github and
> will be kept (or in the case of the framemaker spec source, kept in an
> internal repository).
>
>
> On 03/31/2017 12:19 PM, arjan tijms wrote:
>
> Hope so :O
>
> On Fri, Mar 31, 2017 at 3:56 PM, Werner Keil <werner.keil_at_gmail.com>
> wrote:
>
>> Created 30/Apr/13, that was 4 years before the day, java.net hosting
>> will go down for many projects.
>>
>> Hoping, the JASPIC SPEC also being Sun/Oracle led will remain after April
>> 30?;-)
>>
>> Kind Regards,
>> Werner
>>
>>
>>
>>
>> On Fri, Mar 31, 2017 at 2:35 PM, arjan tijms <arjan.tijms_at_gmail.com>
>> wrote:
>>
>>> Hi,
>>>
>>> One of the things that were discussed early on, but till so far hasn't
>>> seen much followup is throwing (CDI) events when the caller is
>>> authenticated (logs in) and logs out.
>>>
>>> See this issue: https://java.net/jira/browse/JASPIC_SPEC-21
>>>
>>> I also wrote an article about this a couple of years ago:
>>>
>>> http://arjan-tijms.omnifaces.org/2012/12/bridging-undertows-
>>> authentication.html
>>>
>>> An example of how these events can be used in practice is shown here:
>>>
>>> https://github.com/javaeekickoff/java-ee-kickoff-app/blob/ma
>>> ster/src/main/java/org/example/kickoff/model/producer/
>>> ActiveUserProducer.java
>>>
>>> The simple post authenticate events (being informational only) are
>>> relatively well understood and something like this is quite often asked for
>>> and/or needed by users.
>>>
>>> I think it would be good to include this in JSR 375.
>>>
>>> Thoughts?
>>>
>>> Kind regards,
>>> Arjan Tijms
>>>
>>>
>>>
>>>
>>
>
> --
> Will Hopkins | WebLogic Security Architect | +1.781.442.0310 <(781)%20442-0310>
> Oracle Application Development
> 35 Network Drive, Burlington, MA 01803
>
>
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.