I haven't been tracking JSR 351, and we don't currently plan to include it in EE
7, so I don't know if the requirements you refer to would be part of that spec
or some future version of the platform spec.
Werner Keil wrote on 05/10/2012 03:28 PM:
>
> Bill/all,
>
> Thanks a lot for the update.
>
> I'm glad, Ron is involved, so where access to identity providers and
> attributes so far discussed by the JSR 351 EG needs to be restricted or
> controlled, I assume there's going to be additional requirements for that, too.
>
> Regards,
> Werner
>
> Am 10.05.2012 23:43 schrieb "Bill Shannon" <bill.shannon_at_oracle.com
> <mailto:bill.shannon_at_oracle.com>>:
>
> Larry McCay, Ron Monzillo, and I have drafted updates to the platform
> spec to describe the new security manager requirements we've previously
> agreed on. It turned out to be surprisingly difficult to write these
> requirements in a way that captures some of the subtlety involved.
> Please review these updated spec sections carefully and ask questions
> if you're not sure exactly what the requirements are.
>
> The proposed spec updates are here, and will be folded into the draft
> spec soon (obviously the numbering and such will be fixed at that point):
>
> http://java.net/projects/javaee-spec/downloads/download/ee-sec-mgr-00-ljm.pdf
>
> Thanks.
>