I think we have a similar issue w.r.t. Soteria -- the web container
needs to configure a JASPIC AuthConfigProvider when it sees AUTHMECH in
<login-config>.
On 03/31/2017 03:24 PM, arjan tijms wrote:
> Hi,
>
> The JACC and JASPIC repos are basically GlassFish, right? Especially
> JASPIC is a little hard to implement as a RI, since it more or less
> tells a Servlet container or EJB container (for SOAP) what to do.
>
> But GlassFish still isn't officially on GitHub, is it?
>
> Kind regards,
> Arjan Tijms
>
>
> On Fri, Mar 31, 2017 at 9:01 PM, Will Hopkins <will.hopkins_at_oracle.com
> <mailto:will.hopkins_at_oracle.com>> wrote:
>
> My understanding is the jacc and jaspic repos are currently on
> github and will be kept (or in the case of the framemaker spec
> source, kept in an internal repository).
>
>
> On 03/31/2017 12:19 PM, arjan tijms wrote:
>> Hope so :O
>>
>> On Fri, Mar 31, 2017 at 3:56 PM, Werner Keil
>> <werner.keil_at_gmail.com <mailto:werner.keil_at_gmail.com>> wrote:
>>
>> Created 30/Apr/13, that was 4 years before the day, java.net
>> <http://java.net> hosting will go down for many projects.
>>
>> Hoping, the JASPIC SPEC also being Sun/Oracle led will remain
>> after April 30?;-)
>>
>> Kind Regards,
>> Werner
>>
>>
>>
>>
>> On Fri, Mar 31, 2017 at 2:35 PM, arjan tijms
>> <arjan.tijms_at_gmail.com <mailto:arjan.tijms_at_gmail.com>> wrote:
>>
>> Hi,
>>
>> One of the things that were discussed early on, but till
>> so far hasn't seen much followup is throwing (CDI) events
>> when the caller is authenticated (logs in) and logs out.
>>
>> See this issue:
>> https://java.net/jira/browse/JASPIC_SPEC-21
>> <https://java.net/jira/browse/JASPIC_SPEC-21>
>>
>> I also wrote an article about this a couple of years ago:
>>
>> http://arjan-tijms.omnifaces.org/2012/12/bridging-undertows-authentication.html
>> <http://arjan-tijms.omnifaces.org/2012/12/bridging-undertows-authentication.html>
>>
>> An example of how these events can be used in practice is
>> shown here:
>>
>> https://github.com/javaeekickoff/java-ee-kickoff-app/blob/master/src/main/java/org/example/kickoff/model/producer/ActiveUserProducer.java
>> <https://github.com/javaeekickoff/java-ee-kickoff-app/blob/master/src/main/java/org/example/kickoff/model/producer/ActiveUserProducer.java>
>>
>> The simple post authenticate events (being informational
>> only) are relatively well understood and something like
>> this is quite often asked for and/or needed by users.
>>
>> I think it would be good to include this in JSR 375.
>>
>> Thoughts?
>>
>> Kind regards,
>> Arjan Tijms
>>
>>
>>
>>
>>
>
> --
> Will Hopkins | WebLogic Security Architect |+1.781.442.0310 <tel:%28781%29%20442-0310>
> Oracle Application Development
> 35 Network Drive, Burlington, MA 01803
>
>
--
Will Hopkins | WebLogic Security Architect | +1.781.442.0310
Oracle Application Development
35 Network Drive, Burlington, MA 01803