geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Jefferson <a...@ajsoft.net>
Subject Re: J2EE security
Date Tue, 12 Aug 2003 15:15:53 GMT
On Tuesday 12 Aug 2003 15:54, Nash Foster wrote:
> > Yes, we are close.  About the 1 good LoginModule, in your opinion, what
> > is it that is inadequate about the JAAS LoginModule paradigm that
> > requires us to write one good LoginModule and then, in turn, integrate
> > external products when IMHO the JAAS LoginModule paradigm is just fine? 
> > Can you provide a scenario where there would be a problem?
>
> There's nothing wrong with the LoginModule paradigm. We've been using it
> with JBoss, it works great. Don't you integrate external products by
> writing more LoginModules? Those additional modules are what really add
> value for companies wanting to use the software, imnsho.

Agreed. An overriding factor is always how to integrate with inhouse security 
processes, and providing "as complete as possible" set of such LoginModule's 
would be a big win. What you find with many J2EE servers are a very minimum 
set, and often no support for seemingly very basic ones (like a DB login 
module for example, or NIS). A rough list of such required LoginModule's 
would be nice to have ... even at this early stage.
LDAP, RDBMS, NIS, properties files, Active Directory, ... etc.


The other factor that affects deployability of an app is the transparency of 
the security mechanism, and how to enable a particular security mechanism for 
an app, hence a management interface.


-- 
Andy

Mime
View raw message