users@javaee-security-spec.java.net

[javaee-security-spec users] [jsr375-experts] Re: Agenda for EG Meeting, 2017/04/07

From: Werner Keil <werner.keil_at_gmail.com>
Date: Sat, 8 Apr 2017 15:32:04 +0200

IC, so it's
https://docs.oracle.com/javaee/7/api/javax/security/jacc/WebResourcePermission.html
The question for a general API element like SecurityContext is, will this
always be specific and limited to JACC only?
The parent class
http://docs.oracle.com/javase/7/docs/api/java/security/Permission.html has
various other known children like SocketPermission, etc.

Do we know only WebResourcePermission applies to SecurityContext?

Kind Regards,
Werner


On Sat, Apr 8, 2017 at 1:59 PM, arjan tijms <arjan.tijms_at_gmail.com> wrote:

> Hi,
>
> On Sat, Apr 8, 2017 at 1:44 PM, Werner Keil <werner.keil_at_gmail.com> wrote:
>
>> IMO I am not sure, if the word "Web" is necessary or adds value, given
>> Mobile, Embedded, etc. may have different types of resources than
>> traditional "websites" or pages.
>>
>
> The term "Web" is there since it hinges on the underlying
> "WebResourcePermission". So this method asks for exactly the access that
> you can ask for using such WebResourcePermission. WebResourcePermission has
> a well defined meaning of what resources it points to, hence the term "Web"
> in the method ;)
>
> Kind regards,
> Arjan Tijms
>
>
>
>>
>> Kind Regards,
>>
>>
>> Werner
>>
>>
>> On Sat, Apr 8, 2017 at 10:39 AM, Rudy De Busscher <rdebusscher_at_gmail.com>
>> wrote:
>>
>>> Hi Arjan,
>>>
>>> The meeting was ended shortly after your connection broke up.
>>>
>>> The question was to use also CredentialValidationResult with this method
>>> of IdentityStore
>>>
>>> *List<String> getGroupsByCallerPrincipal(CallerPrincipal callerPrincipal)*
>>>
>>> In order to add additional information to it so that the IdentityStore
>>> has more information about the Caller which was authenticated so that it
>>> can retrieve the groups of the *correct person*
>>>
>>> best regards
>>>
>>> Rudy
>>>
>>>
>>>
>>>
>>> On 7 April 2017 at 22:29, arjan tijms <arjan.tijms_at_gmail.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> I just lost the connection totally too, but probably because it was
>>>> automatically ended by the time limit set.
>>>>
>>>> Oh well, good things were discussed. Perhaps we should have had those
>>>> meetings on a regular basis some time ago, but what's done is done.
>>>>
>>>> Last point of discussion was the CredentialValidationResult that should
>>>> be passed around, but actually this already is. Or maybe I did not
>>>> understand the question correctly.
>>>>
>>>> But if you look at the handler, then the main loop is this:
>>>>
>>>> CredentialValidationResult validationResult = null;
>>>>
>>>> // Check stores to authenticate until one succeeds.
>>>> for (IdentityStore authenticationIdentityStore : authenticationIdentityStores) {
>>>>     validationResult = authenticationIdentityStore.validate(credential);
>>>>     if (validationResult.getStatus() == VALID) {
>>>>         break;
>>>>     }
>>>> }
>>>>
>>>>
>>>> This makes its decision based on CredentialValidationResult above
>>>> anything else. But again, maybe I understood incorrectly.
>>>>
>>>> Kind regards,
>>>> Arjan Tijms
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Fri, Apr 7, 2017 at 10:05 PM, Werner Keil <werner.keil_at_gmail.com>
>>>> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> Looks like I totally lost the connection, Wifi keeps breaking down. I
>>>>> might try again, otherwise hope next week it will be more stable... So far
>>>>> it was OK here.
>>>>>
>>>>> Werner
>>>>>
>>>>> On Fri, Apr 7, 2017 at 8:21 PM, Werner Keil <werner.keil_at_gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi, sorry to be late, where is the Zoom URL?
>>>>>>
>>>>>> Werner Keil | JCP Executive Committee Member, JSR 363 Maintenance
>>>>>> Lead | Eclipse UOMo Lead, Babel Language Champion | Apache Committer
>>>>>>
>>>>>> Twitter @wernerkeil | @UnitAPI | @JSR354 | @AgoravaProj | @TamayaConf
>>>>>> | @OpenDDR | #EclipseUOMo
>>>>>> Skype werner.keil <http://gplus.to/wernerkeil>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, Apr 7, 2017 at 7:40 PM, Will Hopkins <will.hopkins_at_oracle.com> wrote:
>>>>>>
>>>>>>> Agenda:
>>>>>>>
>>>>>>> -- JavaOne talks (Werner):
>>>>>>> -- I think this is a good idea. Willing to present myself, or
>>>>>>> with others from the EG. Having a single session makes sense to me, don't
>>>>>>> know what sort would be best -- maybe BOF? Not sure whether Oracle has a
>>>>>>> separate internal CFP with different deadlines, looking into it now.
>>>>>>>
>>>>>>> -- Glassfish security guide (Werner):
>>>>>>> -- I believe the Oracle doc team will update this with relevant
>>>>>>> information.
>>>>>>>
>>>>>>> -- Build issues (Arjan):
>>>>>>> -- pushing out the api artefact to bintray
>>>>>>> -- pushing milestones (also) to maven central
>>>>>>> -- testing the builds
>>>>>>>
>>>>>>> -- Spec/API issues (Arjan):
>>>>>>> -- checking the source (specifically api) adjusting where needed
>>>>>>> -- (will) need to review RI too, for functionality not in API
>>>>>>> -- any new features still? Events, @Authorized, ... ?
>>>>>>>
>>>>>>> -- Process (Will):
>>>>>>> -- Very little time left in the schedule, need to work
>>>>>>> efficiently
>>>>>>> -- Regular meetings (same time each week)?
>>>>>>> -- GitHub issues vs. JIRA?
>>>>>>> -- Process/tools for doc review?
>>>>>>>
>>>>>>> -- Doc Review (Will):
>>>>>>> -- Walk through EDR1 draft addressing open issues
>>>>>>>
>>>>>>> -- Other Business?
>>>>>>>
>>>>>>> --
>>>>>>> Will Hopkins | WebLogic Security Architect | +1.781.442.0310
>>>>>>> Oracle Application Development
>>>>>>> 35 Network Drive, Burlington, MA 01803
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
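
The group-lookup question raised in this thread, as an added example that is not part of the original messages or of the JSR 375 API or RI code: when two identity stores hold the same caller name, a lookup keyed on the name alone merges groups from both, while a lookup that receives the validation result can restrict itself to the store that authenticated the caller. Every type below is a hypothetical stand-in, the storeId field is an assumption, and the users, passwords and groups are constructed sample data.

```java
import java.util.*;
// All types are simplified, hypothetical stand-ins, not the javax.security.enterprise API.
public class GroupLookupDemo {
    enum Status { VALID, INVALID }
    // Stand-in for CredentialValidationResult; storeId is an assumed extra field.
    record ValidationResult(Status status, String caller, String storeId) {}
    interface Store {
        ValidationResult validate(String user, String password);
        List<String> groupsByName(String caller);              // name only
        List<String> groupsByResult(ValidationResult result);  // full result
    }
    // Constructed in-memory store with one password and group list per user.
    record MapStore(String id, Map<String, String> passwords,
                    Map<String, List<String>> groups) implements Store {
        public ValidationResult validate(String user, String password) {
            boolean ok = password != null && password.equals(passwords.get(user));
            return new ValidationResult(ok ? Status.VALID : Status.INVALID, user, id);
        }
        public List<String> groupsByName(String caller) {
            return groups.getOrDefault(caller, List.of());
        }
        public List<String> groupsByResult(ValidationResult r) {
            // Answer only for callers this store itself authenticated.
            return id.equals(r.storeId()) ? groupsByName(r.caller()) : List.of();
        }
    }

    public static void main(String[] args) {
        // Two constructed stores that both hold a user named "alex".
        List<Store> stores = List.of(
            new MapStore("ldap", Map.of("alex", "pw-ldap"), Map.of("alex", List.of("admin"))),
            new MapStore("db", Map.of("alex", "pw-db"), Map.of("alex", List.of("user"))));

        // Same loop shape as the handler: stop at the first VALID result.
        ValidationResult result = null;
        for (Store s : stores) {
            result = s.validate("alex", "pw-db");
            if (result.status() == Status.VALID) break;
        }
        if (result == null || result.status() != Status.VALID) return;

        Set<String> byName = new TreeSet<>(), byResult = new TreeSet<>();
        for (Store s : stores) {
            byName.addAll(s.groupsByName(result.caller()));
            byResult.addAll(s.groupsByResult(result));
        }
        System.out.println("name only: " + byName + ", with result: " + byResult);
    }
}
```

The records require Java 16 or later. The caller here authenticates against the "db" store, so the name-only lookup also returning the "ldap" store's group is the mismatch the question about the *correct person* points at.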