[jsr342-experts] Re: spec changes for new security manager requirements

From: Bill Shannon <bill.shannon_at_oracle.com>
Date: Thu, 10 May 2012 15:45:48 -0700

I haven't been tracking JSR 351, and we don't currently plan to include it in EE
7, so I don't know if the requirements you refer to would be part of that spec
or some future version of the platform spec.

Werner Keil wrote on 05/10/2012 03:28 PM:
> Bill/all,
> Thanks a lot for the update.
> I'm glad, Ron is involved, so where access to identity providers and
> attributes so far discussed by the JSR 351 EG needs to be restricted or
> controlled, I assume there's going to be additional requirements for that, too.
> Regards,
> Werner
> Am 10.05.2012 23:43 schrieb "Bill Shannon" <bill.shannon_at_oracle.com
> <mailto:bill.shannon_at_oracle.com>>:
> Larry McCay, Ron Monzillo, and I have drafted updates to the platform
> spec to describe the new security manager requirements we've previously
> agreed on. It turned out to be surprisingly difficult to write these
> requirements in a way that captures some of the subtlety involved.
> Please review these updated spec sections carefully and ask questions
> if you're not sure exactly what the requirements are.
> The proposed spec updates are here, and will be folded into the draft
> spec soon (obviously the numbering and such will be fixed at that point):
> http://java.net/projects/javaee-spec/downloads/download/ee-sec-mgr-00-ljm.pdf
> Thanks.