directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Noel J. Bergman" <>
Subject RE: RE: [janus] New name
Date Wed, 05 Jan 2005 23:04:46 GMT
> > I agree that Security is maybe too generic, but it generally refers to
> > Authentication and Authorization Services in the Java Server world.

> > So I would favor:
> > 1. Apache Security Framework
> > or
> > 2. Apache Authentication and Authorization Framework

> With that said I think I'm a tiny bit partial to #1 though just because
> it gives you room to grow the API to handle ancillary things that
> facilitate AAA but may not necessarily be central to performing AAA.

Perhaps, but it also implies to be "the" Apache Security Framework, and that
might not be appropriate.  Don't forget that we already have the J2EE roles
support already in Tomcat, for example.  And we have WS-Security related
code elsewhere.  Do we have reason to believe that we'd subsume all of our
Java security related infrastructure?

Looking at, and thinking
generally, I wonder if Credential Framework might be good.  I do find the
whole thing exciting, and suggest that we make sure that the JetSpeed folks
know about it, as well as others.

	--- Noel

View raw message