From: John Casey
Date: Mon, 02 Oct 2006 19:05:30 -0400
To: continuum-dev@maven.apache.org
Subject: Re: [vote] rbac-integration branch merge to trunk
Message-ID: <45219B3A.9070602@commonjava.org>

+1

-john

Jesse McConnell wrote:
> Brett suggested we do a vote for this today so I figured I would just
> do that now.
>
> [-1/0/+1] vote will be open for 72 hours
>
> Pulling from the other mail, this branch was pulled a bit over a week
> ago to test out the plexus-security integration with continuum. Some
> of the added features are
>
> * full separation between application webapp and security (lightweight
> integration).
> * proper modularization for security components (authentication,
> authorization, policy, system, web, etc...)
> * rbac (role based access control) authorization provider.
> * full user management war overlay (using healthy chunk of maven-user
> to make it happen)
> * toggle-able guest user authorization.
> * remember me and single sign on authentication.
> * forced admin account creation (through use of interceptor)
> * key based authentication (remember me, single sign on, new user
> validation emails, and password resets).
> * http auth filters (basic and digest).
> * aggressive plexus utilization.
> * aggressive xwork / webwork integration.
> * xwork interceptors for force admin, auto login (remember me),
> secured action, and environment checks.
> * secured actions for all of the /security namespace and at least one
> continuum secured action (these are enforced by the
> pssSecureActionInterceptor)
> * all the password validation, user management stuff (again maven-user
> origins)
> * continuum-security artifact containing the actual static and dynamic
> roles, and a continuum role manager that merges permissions to the
> core system, user, and guest users
> * ifAuthorized, ifAnyAuthorized, elseAuthorized jsp tags.
> * placeholders for ldap authentication, authorization and user details
> retrieval using plexus ldap components
> * ability to re-use Acegi for authentication
>
>
> +1 from me
>
> cheers,
> jesse
>
>

--
John Casey
---
Maven Developer (http://maven.apache.org)
---
Website: http://www.commonjava.org
Blog: http://www.ejlife.net/blogs/john