deltaspike-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Struberg <strub...@yahoo.de>
Subject Re: deltaspike and authorization
Date Wed, 04 Sep 2013 20:55:16 GMT
+1

the main reason we did no specific binding was that we feel that CDI integration is best done
on their end. 
It would simply be really hard for DeltaSpike to provide bindings for n versions of m different
IDM and security systems.
There are just too many of them around (and most are actually decent or even very good). And
by forcing them into a common API we would probably end up loosing way too many individual
strength of those systems.

Instead we focused on providing a system (SecurityBinding) which allows for easy integration
into any external system you like.

LieGrue,
strub




>________________________________
> From: Jason Porter <lightguard.jp@gmail.com>
>To: users@deltaspike.apache.org 
>Sent: Wednesday, 4 September 2013, 22:12
>Subject: Re: deltaspike and authorization
> 
>
>DeltaSpike isn't all about annotations, we simply decided not to do much in
>the security realm and left that up to other providers. Your code certainly
>works, may not be the best way to do it, but it works. Have you taken a
>look at
>https://github.com/picketlink/picketlink/blob/master/api/src/main/java/org/picketlink/Identity.java
>?
>You'll probably have to use a producer for it, but it looks like it should
>give you what you need.
>
>
>On Wed, Sep 4, 2013 at 11:57 AM, Nathan Dennis
><Nathan.Dennis@monarchnc.org>wrote:
>
>> Multiple ways of going about this... but since DS was all about
>> annotations (and Mark and Jason will probably laugh at this.. but)
>>
>> @Named("inlineSecuritiesBean")
>> @RequestScoped
>> public class InlineSecuritiesBean {
>>
>>
>>         public boolean isAdmin(){
>>                 boolean result = false;
>>                 try {
>>                         result = executeAdmin();
>>                 } catch (Exception e) {
>>                         //e.printStackTrace();
>>                         //log something
>>                 }
>>                 return result;
>>         }
>>
>>         @Admin
>>         private boolean executeAdmin() {
>>                 return true;
>>         }
>>
>>
>> ......
>> Used this type of structure for each of my roles I defined. Not quite as
>> slick as the old seam way.. but this way I could use it pretty much
>> anywhere without extending or maintaining a session bean with a role list
>> in it and test with the whole array.contains mess. just use the annotations
>> and let DS do the rest.
>>
>>
>>
>>
>> best regards,
>>
>> Nathan Dennis | Software Developer
>> 732 Greenwood Street | Albemarle, NC | 28001
>> Main (800) 230-7525 | Direct: 704-986-7211 | Mobile 704.984.0829
>> www.monarchnc.org | nathan.dennis@monarchnc.org
>>
>>
>>
>> -----Original Message-----
>> From: Kelly Goedert [mailto:kelly.goedert@gmail.com]
>> Sent: Wednesday, September 04, 2013 1:50 PM
>> To: users
>> Subject: deltaspike and authorization
>>
>> Hi,
>>
>> using the direction given to me in my previous question, I was able to
>> implement an authentication mechanism in my app using picketlink.
>>
>> I remember that in seam 3, I could use something like this on a xhtml
>> <h:commandButton ... rendered="#{identity.hasRole('some role name')}">
>>
>> I could not find this in picketlink. According to this page
>> https://docs.jboss.org/author/display/SECURITY/PicketBox+CDI#PicketBoxCDI-IdentityManagement
>> it
>> is not available. Is there anything on deltaspike to implement this?
>>
>> Or I should be asking this on a picketlink forum?
>>
>> Thanks
>>
>> Kelly
>>
>>
>> [http://monarchnc.org/images/monarch/env.png]Please consider the
>> environment before printing this email.
>> WARNING: This email is intended solely for the person or entity to which
>> it is addressed and may contain confidential and/or privileged information.
>> Any review, dissemination, copying, printing or other use of the email by
>> persons or entities other than the addressee is prohibited. If you have
>> received this email in error, please contact the sender immediately and
>> delete the material from any computer. If you are unable to determine the
>> sender of this email, please email Monarch at Support@monarchnc.org or
>> contact us at toll free (800) 230-7525, and advise us of the error.
>>
>
>
>
>-- 
>Jason Porter
>http://en.gravatar.com/lightguardjp
>
>
>

Mime
View raw message