Hi,
On Fri, Sep 16, 2016 at 7:00 PM, Mark Thomas <markt_at_apache.org> wrote:
> In short, I want to retain the option to make the JASPIC module
> optional.
Seems fair enough, but would that not also be possible as Tomcat specific
option? E.g. like in Liberty everything can be made optional via their
server.xml, while still being spec compliant.
> The jury is still out on how much demand there is / will be
> for JASPIC. I'd be happy to revisit this in Servlet 4.1 once we have a
> better idea of the user demand. So far the demand has been very, very low.
>
I personally think it's a chicken and egg problem as well. Because JASPIC
hasn't been widely available before people didn't know about it, and if
they don't know about it they can't ask about it.
Also, building custom authentication modules is always going to be
something that's only done by a smaller amount of users.
Then again, comparing the popularity of JASPIC vs JSF 2.2 on my blogs; my
initial JASPIC article is at some 70k views, where the "what's new in JSF
2.2" was at 260k or so last time I looked via search traffic (using terms
like "jaspic java", "jaspic", "jsf 2.2", etc).
Of course both numbers would be dwarfed by the "Servlet" keyword, but
still, it shows there definitely is some interest for JASPIC and it's
slowly picking up now it's becoming more well known.
Kind regards,
Arjan Tijms
>
> Mark
>