cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <sberyoz...@gmail.com>
Subject Re: Ideas for standardizing CXF authentication and authorization
Date Mon, 14 Jul 2014 09:07:15 GMT
Hi Chris
On 14/07/14 02:01, Chris Geer wrote:
> Christian,
>
> I'm not sure I have specific advice about how to approach Shiro
> compatibility without spending some cycles on it. I think we could engage
> Les and Shiro community to help though. One possible approach might just be
> to have CXF use a pluggable approach so that it calls out to an API when it
> checks if a user is authentication/authorized. That way a JAAS
> implementation could be put in place but a Shiro or Spring Security
> implementation could also be put in place. This would have to be made OSGI
> friendly, but I bet it could be done.
>
> I guess I just wanted to toss that out there so that any decisions that
> were made wouldn't preclude using frameworks other than JAAS. In my
> experience, using JAAS in an OSGI environments, with cross-service calls,
> is very problematic so I'd just hate to see CXF require usage of JAAS.

AFAIK depending on JAAS will be completely optional.

Cheers, Sergey


> One
> could argue that CXF didn't need to provide A&A at all in the core and
> external libraries can be used through filters/interceptors as the
> standard.
>
> I'll give it some more thought as this conversation continues.
>
> Chris
>
>
> On Sun, Jul 13, 2014 at 10:56 AM, Christian Schneider <
> chris@die-schneider.net> wrote:
>
>> I think it would be great to stay compatible to the external security
>> frameworks.
>>
>> What do you think needs to be considered regarding shiro?
>>
>> Christian
>>
>>
>> Am 13.07.2014 17:50, schrieb Chris Geer:
>>
>>   While authentication/authorization is being discussed it would also be
>>> good
>>> if compatibility with Apache Shiro was kept in mind.
>>>
>>>
>>>
>> --
>>   Christian Schneider
>> http://www.liquid-reality.de
>>
>> Open Source Architect
>> Talend Application Integration Division http://www.talend.com
>>
>>
>


Mime
View raw message